Olivia
Online
Yaniv Balmas
@ynvb
Not the droid you are looking for 🤖
VP Research @SaltSecurity | Former Head Of Cyber Research @_cpresearch_ .
Opinions are my own.
In a galaxy far far away
Joined July 2010
552 Following
1.4K Followers
1.4K Posts
For example, when using this technique on https://t.co/Afl2VoQwwo - we got access to screen recordings from millions of users worldwide 🤯
Did you think XSS is dead? So did we...
We couldn't be more wrong.
XSS is back with a vengeance! 💥
Combined with OAuth, the Salt-Labs team performed a full account takeover on several major online platforms.
https://t.co/yDA4sLMzBR
#XSS #OAuth #cybersecurity #APISec #infosec
Hey @elonmusk, our team at Salt Labs just released some very concerning security issues in the ChatGPT ecosystem, which may put a lot of data for a lot of users at risk.
Time for OpenAI to step up their security game, don't you think?
Full report: https://t.co/0YCOUIxqT9
Check out our latest research. This time, flaws in GenAI ecosystems and several issues in ChatGPT and its integrated plugins.
Kudos, @AviadCarmel, for this wonderful research.
https://t.co/JAZtDlKOcS
Who to follow
REcon 
@reconmtl
REcon: Annual reverse engineering and security conference held in Montreal.
Gal Z
@0xgalz
Security Researcher. Reverse Engineering 💙 Vulnerability Research 💜 Embedded 🤖 C++🤩 OS Internals 🤍 Sewing🧵 Classical Music🎼 Opinions are my own.
Tomer Zait
@realgam3
Security Researcher at A Security
@IdoNaor1 Nothing, it was that way when I found it 🤷🏼♂️
Looking for a contact in OpenAI security team… anyone here has any leads?
@ClausHoumann Moving to DM ;)
Down the OAUth rabbit hole we go...
This time it's a framework issue potentially affecting hundreds of online services, including sites like Codecademy and others...
More exciting targets are coming next... stay tuned and secure your OAuth implementations!
https://t.co/SKik65Wf9h
@SaltSecurity @SaltSecurity's contribution, beyond the sponsorship, warms our hearts.
A big shoutout to @ynvb, who contributed ideas and use cases that were quoted in the latest addition.
💖
Nothing like a good visual aid to remember how to assemble a network cable.
You aren't into networking if you not recognise the meaning of this immediately...
😂
cc @JAMESWT_MHT
https://t.co/v9u69Kbj1b OAuth Implementation Allows Full Account Takeover: https://t.co/OYY4YTX4ZT by Elizabeth Montalbano
@zhouxinan Very similar indeed. Thx for sharing!
Taking over https://t.co/8iTZAzeBkQ accounts by abusing OAuth 2.0
https://t.co/g3wRGeTDR5
Read the technical details here:
https://t.co/u1AJcTtlfH?
@Shiftreduce @cryptodavidw It also requires a strange peripheral called Mouse… does not sound hygienic to me…
@inbarraz מדהים ענבר! מחכה להמשך…
@aCaltum 🤦♂️bad call dude, nothing good ever comes out of it… (from experience ofcourse)
You definitely need a vacation ;)
Just discovered Mandiant has an Urban Dictionary entry. Fantastic stuff. Huge if true. https://t.co/jgbHPFdmTP
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.4M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers