@TurvSec@theXSSrat@AikidoSecurity No, we explicitly mention that same-tenant is out of scope for some scenarios. Cross tenant has always been in scope.
@theXSSrat@AikidoSecurity Not having it in scope doesn’t mean we don't care about it per se! The focus of the BBP was on different vuln. classes, and e.g. internal efforts could get in the way of researchers, so having a vuln. class (temp.) out of scope actually helps to avoid that.
This reverse engineering work led to a fix in Chrome (subsequently Electron), with credit given back to me! Very cool to see, and happy to help the macOS ecosystem. I hope macOS fixes this huge issue soon. https://t.co/hfRxsF8uZM
when building ai products, the key is having some reliable signal about what is working and what is not. whether that signal comes from evals, user feedback, your own taste, performance metrics, or just gut feel does not really matter as long as it is giving you actionable information about where to focus your efforts.
the mistake is either having no signal at all (just building blindly) or getting caught up in the methodology of the signal rather than its utility. a formal eval that tells you nothing useful is worse than informal feedback that clearly points to real problems
@rez0__ Bug bounty hunting, at least on web applications, has always been about discovery instead of exploitation. Exploitation has always been straightforward in most cases (excluding escalating issues into more severe bug classes). So, the work here by @Xbow is definitely impressive.
A fix from Google was released today. Part of the issue was due to my misunderstanding based on previous reports.
Big thanks to the Chromium team for the quick resolution
I hope everyone had some fun, and apologies to the triagers on HackerOne XD
@Rhynorater Mostly because CSPT are not 1:1 reproducible across targets. It’s a novel approach every single time (esp. when chaining bugs), which makes it a beautiful bug class.
We did it! We tested 300 Bay Area foods for plastic chemicals. We found some interesting surprises.
Top 5 findings in our test results:
1. Our tests found plastic chemicals in 86% of all foods, with phthalates in 73% of the tested products and bisphenols in 22%. It's everywhere.
2. We detected phthalates in most baby foods and prenatal vitamins.
3. Hot foods which spend 45 minutes in takeout containers have 34% higher levels of plastic chemicals than the same dishes tested directly from the restaurant.
4. The 1950s Army rations we tested contained surprisingly high levels of plastic chemicals.
5. Almost every single one of the foods we tested is within both US FDA and EU EFSA regulations.
Check out our full results below.
in a couple weeks, i built a nuclear fusor in my bedroom – with zero hardware experience
the secret? Claude sonnet 3.5 + projects
a glimpse into the process below
Pass-the-{token} attacks are still very much relevant.
Tokens may change: Cookie, NT Hash, Kerberos ticket, MFA token, ...
However, the problem is not in the "token" but in the "pass".
We need solutions to make tokens stay put, such as device and channel binding.
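What "making a token stay put" looks like in code, as an added example that is not part of the quoted post: a bearer token is accepted from whoever presents it, while a device-bound token additionally requires a proof of possession computed with a secret that never leaves the enrolled device, over the method and URL of the request (a request-binding stand-in for channel binding). All names here are illustrative, and the device secret is a symmetric key shared at enrollment only to keep the demo stdlib-only; in a real deployment it would be an asymmetric key in a TPM or secure enclave, with the server holding just the public half.

```python
"""Bearer token vs. device-bound (proof-of-possession) token. Added example; all names assumed."""
import hashlib
import hmac
import json
import secrets
import time

PROOF_MAX_AGE = 60  # seconds a proof stays valid (assumed policy)


def _sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class Device:
    """Client side. The secret never leaves the device; only short-lived proofs do."""

    def __init__(self, device_id: str):
        self.device_id = device_id
        self.secret = secrets.token_bytes(32)  # stand-in for a hardware-backed key

    def make_proof(self, token: str, method: str, url: str, now=None) -> dict:
        nonce = secrets.token_hex(16)
        ts = int(now if now is not None else time.time())
        msg = f"{method}|{url}|{nonce}|{ts}|{_sha256_hex(token.encode())}".encode()
        mac = hmac.new(self.secret, msg, hashlib.sha256).hexdigest()
        return {"device_id": self.device_id, "nonce": nonce, "ts": ts, "mac": mac}


class Server:
    def __init__(self):
        self.signing_key = secrets.token_bytes(32)
        self.device_secrets = {}   # device_id -> secret registered at enrollment
        self.seen_nonces = set()   # replay cache for proofs

    def enroll(self, device: Device) -> None:
        self.device_secrets[device.device_id] = device.secret

    def issue_token(self, user: str, device_id: str, ttl: int = 3600) -> str:
        # "cnf" names the device the token is confirmed for (JWT-style confirmation claim).
        payload = {"sub": user, "cnf": device_id, "exp": int(time.time()) + ttl}
        body = json.dumps(payload, sort_keys=True).encode()
        sig = hmac.new(self.signing_key, body, hashlib.sha256).hexdigest()
        return body.hex() + "." + sig

    def _parse(self, token: str):
        try:
            body_hex, sig = token.split(".", 1)
            body = bytes.fromhex(body_hex)
        except ValueError:
            return None
        expected = hmac.new(self.signing_key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return None
        payload = json.loads(body)
        return payload if payload["exp"] >= time.time() else None

    def verify_bearer(self, token: str) -> str:
        """Classic bearer check: whoever holds the string is the user."""
        return "ok" if self._parse(token) else "bad-token"

    def verify_bound(self, token: str, method: str, url: str, proof: dict, now=None) -> str:
        payload = self._parse(token)
        if payload is None:
            return "bad-token"
        now = now if now is not None else time.time()
        if proof["device_id"] != payload["cnf"]:
            return "wrong-device"      # token is confirmed for another device
        secret = self.device_secrets.get(proof["device_id"])
        if secret is None:
            return "unknown-device"
        if abs(now - proof["ts"]) > PROOF_MAX_AGE:
            return "stale-proof"
        if proof["nonce"] in self.seen_nonces:
            return "replayed-proof"
        msg = f"{method}|{url}|{proof['nonce']}|{proof['ts']}|{_sha256_hex(token.encode())}".encode()
        expected = hmac.new(secret, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(proof["mac"], expected):
            return "bad-proof"         # no device secret, or proof made for a different request
        self.seen_nonces.add(proof["nonce"])
        return "ok"


def demo() -> dict:
    server = Server()
    laptop = Device("laptop-1")
    server.enroll(laptop)
    token = server.issue_token("alice", laptop.device_id)
    r = {}
    # 1. Legitimate request from the bound device.
    r["legit"] = server.verify_bound(token, "GET", "/api/me", laptop.make_proof(token, "GET", "/api/me"))
    # 2. The same stolen token against a bearer endpoint: pass-the-token just works.
    r["bearer_theft"] = server.verify_bearer(token)
    # 3. Stolen token from an unenrolled box that spoofs the laptop's id: no secret, no valid proof.
    forged = Device("attacker-box").make_proof(token, "GET", "/api/me")
    forged["device_id"] = laptop.device_id
    r["stolen_token"] = server.verify_bound(token, "GET", "/api/me", forged)
    # 4. A proof captured on the wire was already consumed by the laptop's own request.
    proof = laptop.make_proof(token, "GET", "/api/me")
    r["first_use"] = server.verify_bound(token, "GET", "/api/me", proof)
    r["replay"] = server.verify_bound(token, "GET", "/api/me", proof)
    # 5. A fresh captured proof redirected to another endpoint: the MAC covers method and URL.
    r["redirect"] = server.verify_bound(token, "POST", "/api/admin", laptop.make_proof(token, "GET", "/api/me"))
    # 6. A captured proof used an hour later: rejected by the timestamp window.
    old = laptop.make_proof(token, "GET", "/api/me", now=time.time() - 3600)
    r["stale"] = server.verify_bound(token, "GET", "/api/me", old)
    return r


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:>13}: {outcome}")
```

The point of the layout is that the token string is still stealable, but stealing it no longer buys anything at a bound endpoint: the attacker needs the device secret, a fresh nonce, a current timestamp and the exact method and URL, and the only party that can produce all four is the device the token was issued to.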
@charafmrah@benawad IMO it is fine. There are usually other ways to achieve persistence, e.g. by inviting your own user account to an affected tenant, changing the user's e-mail address, linking a social login account, creating an API key, etc.
The impact of an XSS doesn't really change.
My latest blog post on my discovery of an Evernote Client all-platform RCE via PDF.js font injection into preload.js-exposed ipcRenderer-BrokerBridge-boron.actions, bypassing Electron's nodeIntegration | context-isolation.
Enjoy reading!
https://t.co/44uqjkChaI
I love crossover bugs that go between web/mobile/native because there are so many strange interactions that occur and a lot can go wrong - this research was another result of this!
https://t.co/m4XULDBXQ7