Follow him: @wunderwuzzi23
Helpful resources 👇🏻
The Month of AI Bugs 2025
Source: https://t.co/2GpwloVoJN
Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection
Source: https://t.co/THGQQoM0MQ
Turning ChatGPT Codex Into A ZombAI Agent
Source: https://t.co/KKpwrnwly6
Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation
Source: https://t.co/Biyqdn9Hq8
Cursor IDE: Arbitrary Data Exfiltration Via Mermaid (CVE-2025-54132)
Source: https://t.co/gtLkIy7pjK
Amp Code: Arbitrary Command Execution via Prompt Injection Fixed
Source: https://t.co/3Bbkxsq6LD
I Spent $500 To Test Devin AI For Prompt Injection So That You Don't Have To
Source: https://t.co/2EtzvesVzF
How Devin AI Can Leak Your Secrets via Multiple Means
Source: https://t.co/0yV9ScKlfZ
AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection
Source: https://t.co/hQtBMnMn30
ZombAI Exploit with OpenHands: Prompt Injection To Remote Code Execution
Source: https://t.co/oxzZ2xHzKr
OpenHands and the Lethal Trifecta: How Prompt Injection Can Leak Access Tokens
Source: https://t.co/NCwbnEedNF
Claude Code: Data Exfiltration with DNS (CVE-2025-55284)
Source: https://t.co/b3w6i7Wn3y
GitHub Copilot: Remote Code Execution via Prompt Injection
Source: https://t.co/VyQRkpX045
Google Jules: Vulnerable to Data Exfiltration Issues
Source: https://t.co/eDPSy1kUPV
Google Jules: Remote Code Execution ZombAI
Source: https://t.co/TtnE8pdKMk
Google Jules: Invisible Prompt Injection
Source: https://t.co/IicnTIE4Ym
Amp Code Fixed: Invisible Prompt Injection
Source: https://t.co/UlJbKkTEI3
Amp Code Fixed: Data Exfiltration via Images
Source: https://t.co/fX1t1vM3sr
Amazon Q Developer: Data Exfil via DNS
Source: https://t.co/zlBfaIpA03
Amazon Q Developer: Remote Code Execution
Source: https://t.co/qPdTf7Uf1A
Amazon Q Developer Interprets Hidden Instructions
Source: https://t.co/dzhF71DNwH
Windsurf: Data Exfiltration Vulnerabilities
Source: https://t.co/WPTFQ0dADj
Windsurf: SPAIware Exploit - Persistent Prompt Injection
Source: https://t.co/8g10jOZ8u9
Windsurf: Sneaking Invisible Instructions for Prompt Injection
Source: https://t.co/3L8u3b7Zsn
ChatGPT Deep Research Connectors: Data Spill and Leaks
Source: https://t.co/zEhFuDLLhd
Manus AI Kill Chain: Expose Port - VS Code Server on Internet
Source: https://t.co/AfUHZsdTi1
AWS Kiro: Arbitrary Command Execution with Indirect Prompt Injection
Source: https://t.co/1aDcd1ZuGM
Cline: Vulnerable to Data Exfiltration
Source: https://t.co/JVnw7zB63E
Windsurf: Dangers - Lack of Security Controls for MCP Server Tool Invocation
Source: https://t.co/ZK8kD9RwB1
AgentHopper: A PoC AI Virus
Source: https://t.co/gpsObGjt7u
Wrapping Up Month of AI Bugs
Source: https://t.co/O7HoaMV5Dl
Amazon Kiro deleted a production environment and caused a 13-hour AWS outage. I documented 10 cases of AI agents destroying systems — same patterns every time. https://t.co/sNHATQL2q8
Sometimes you spot a sink and know it's vulnerable, but proving it is a challenge. @SLCyberSec's team broke through layers of crypto to reach a pre-auth deserialization sink in OpenText Directory Services. Breaking the encryption was a journey. https://t.co/f961ijdyPh
Ransomware is learning how your business works. From AI‑driven extortion to attacks hidden inside normal workflows, this year’s threats will blend in, not break in. Watch this video to see what’s next: https://t.co/wqkUqR1R7y
Several organizations are embracing MCP, but its deepest security flaws are dangerously overlooked.
In this conversation with @ZackKorman, CTO of a high-growth AI security startup, we discussed the uncomfortable truths behind MCP security and why he believes the protocol is fundamentally flawed. We also discussed the dangers of “prompt injection as a service,” the risks of malicious MCP servers, and why developments like NPM-enabled integrations could be a horror story in the making.
The full chat is live on AI Cyber Magazine's YouTube Channel. Watch it using the link: https://t.co/IxBzHBboIh
Introducing Rork Max
AI that one-shots almost any app for iPhone, Watch, iPad, TV & Vision Pro. Even Pokémon Go with AR & 3D.
Max is a website that replaces Xcode. Install on device in 1 click. Publish to App Store in 2 clicks.
Powered by Swift, Claude Code & Opus 4.6.
Introducing EVMbench—a new benchmark that measures how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities. https://t.co/op5zufgAGH
Last week I had a great conversation about all things AI pentesting with Cole Cornford on the Galah Cyber Secured podcast! Have a listen to find out where it shines, where humans still have an edge, and what comes next :)
Our latest GTIG AI Threat Tracker report reveals how adversaries are integrating AI into operations.
We detail state-sponsored LLM phishing, AI-enabled malware like HONESTCUE, and rising model extraction attacks.
Read the report: https://t.co/6GIqxYxNDF
#reversing #Kernel_Security #Sec_code_review
Exploiting Reversing (ER) series:
Part 1 - Windows kernel drivers (1) https://t.co/MoAXZ7pHJK
Part 2 - Windows kernel drivers (2) https://t.co/IqZr2h1fuz
Part 3 - Chrome https://t.co/7fsTWqsEmw
Part 4 - macOS/iOS https://t.co/W7VBr9luVF
Part 5 - Hyper-V https://t.co/6LzkwbSrNZ
// step-by-step research series on Windows, macOS, hypervisors and browsers
@HitachiMSP @HitachiMSP @hitachi I deposited ₹15,000 at your Kaythapoyil CDM (ATM ID: MCRM5853) on [Date] at 13:13:41. The machine took the cash but showed a "Transaction Timeout" & the amount wasn't credited to my @canarabank Bank account. Please investigate & resolve ASAP. #ATMFailure
I made contact with "EV Motors, a Royal Enfield Dealer Showroom in Thamarassery," one of the dealers. However, they said that the manufacturer had discontinued producing the Scram 411. Is that accurate? If it is a stock issue, kindly inform me. @royalenfield