@ZuckermanRoy If you pay for it, I believe there's a clause saying it won't train on your data (at least in business subscriptions, as far as I know). If there's no such clause, everything you do with it will probably end up in its future training rounds.
There's a reason organizations are moving to privately hosted models, like Claude on top of Bedrock in AWS.
🔎 Rapid7 Labs, alongside our MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group #LotusBlossom.
Find a deep technical analysis of the custom backdoor 'Chrysalis', Notepad++, Warbird, and more in our latest blog: https://t.co/0JAMmc6WFv
We’re excited to launch Lumia Security!
Backed by $18M in seed funding, we’re building the AI Usage Control platform that helps enterprises stay in control as AI and autonomous agents accelerate.
Follow along. Big things ahead.
https://t.co/etP5P5agRF
#AIsecurity #EnterpriseAI
@LumiaSecurity We did get an acknowledgment from MITRE though, as they added our writeup as a case study, and also updated their ATLAS matrix with new techniques accordingly
My first post for @LumiaSecurity is out!
When I joined, I didn't know a thing about AI, so I targeted its client applications instead, for my first security research.
Introducing AIKatz - stealing the auth tokens from LLM clients to impersonate the user.
https://t.co/O8zPgUDBit
@LumiaSecurity MSRC told us that we need to cross the user boundary for a CVE, but that would probably be a CVE in Chromium, not Copilot.
Instead, I did find a DLL Hijack attack on the Electron client, but it's Intel's graphics issue, which simply wasn't patched yet -.-
My talented colleague @teller_1337 just finished his #BlackHat presentation, and released a blog accompanying it as well!
Wanna know what Apple Intelligence reports to Apple about you behind the scenes? Read on!
https://t.co/TfCsZTU8c5
Or catch him at DefCon
#BlackHat2025 #Apple
@SebAaltonen I usually split the blog into 2. First part is compact and easy to read, with link to summary/recommendations at the end, and the second is the nitty gritty nerd stuff
@wunderwuzzi23 I think the "allow always" is only for that particular chat, so at least it's not really persistent. There is a permanent option hidden somewhere in the app settings, but a user has to be very deliberate to get it so it's not really YOLO
Thought I found a cool new vulnerability in an Intel driver.
Nope, someone already disclosed it in 2023(!) and it simply wasn't patched yet...
No bounty for me today 😞
Interesting writeup by @0xLupin about how he pwned Gemini to leak very sensitive parts of Google's source code including how they classify user data 🔥
https://t.co/4atS05Nn2m
#LLM #bugbountytips #bugbounty