Bugatsec
46 posts
Bugatsec
@Bugatsec
Ranveer | Bug Bounty Hunter | Web, App & AI Security | 🗣 Bug-At-Sec |
शामिल हुए Ağustos 2025
120 फ़ॉलोइंग7 फ़ॉलोवर्स
@the_codewala I respectfully request you not to rate anything AI related ever again
English
They do great for their age restriction. my 3 acc got blocked, somehow they got to know I'm not 18+😬. so I think yes they can do a nationality lvl block
Tib3rius@0xTib3rius
I don't understand. Anthropic have access to Mythos++ level AI models internally and not even those models could tell them how to implement a nationality level block on their user base. 😭😭😭 So much for AGI.
English
Not their first time limiting high-tech for other country 😮💨 tryna be the main character ig🥀🥀
Anthropic@AnthropicAI
The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…
English
it's just a .env file in a public GitHub repo, what's the worst that can happen
update: someone accessed our database
update: they have 3 years of user data
update: i've been asked to join a meeting with legal
update: the meeting is called "incident response"
update: there is no IT person invited except me
English
It’s hilarious that they made a huge deal about the cyber capabilities for months and then when they rolled it out, they’ve blocked the actual utility of the model by prohibiting cyber use 🤣
And yes this includes trusted testers. Like, what was the point in even releasing it?
Zack Korman@ZackKorman
Mythos is amazing.
English
@HarrySandh21970 i am a very wrong person anybody should take advice from, and I would advice you to not start cyber and do some work that mythos can't, like farming. (i am waiting for my bounty to buy some land in a remote village )
English
@BugBountyCenter sir i am beginner i want to learn cyber security&bug bounty but all are saying this is end leave this area
English
Mythos can autonomously find zero-days that have been hiding for decades
So if a human hunter finds a bug that Mythos missed... shouldn't that bounty be significantly higher? You literally outperformed "one of the most advanced AI models ever built"
#BugBounty
English
@badcrack3r i guess i will not be burning my tokens using mythos now.
English
@XTank0 @_xeloxa @Hacker0x01 My 2fa bypass on Hilton got duplicate with a informational report on h1
English
@_xeloxa @Hacker0x01 Always check the status of the report you got duplication for
Because sometimes you will find the report has been closed as N/A
Happened to me
English
ughhh another one of those super annoying things just happened DUPLICATE i just hope BBP didnt do something shady in the background coz honestly lots of people have been getting screwed over by BBP lately
English
@hetmehtaa Ctf's are unrealistic shit don't waste time on them instead do labs
English
Tenant Isolation Failure -> Cross-Organization Data Access
POC ->
1. Logged into Organization A
2. Intercepted API request containing tenant_id
3. Changed it to Organization B's ID
4. Accessed another organization's data
Learning ->
1. Never rely on client-supplied tenant IDs
2. Enforce tenant validation on every request
#BugBounty #CyberSecurity #BugBountyTips #InfoSec
English
I hated H1 from the start. Now they are making it easy for the community too ig
Ciarán Cotter@monkehack
Bug bounty is dying a slow death in real time. This is HackerOne’s attempt to generate some value in the AI bubble, so they have a hope of getting acquired by a company gobbler like Cisco. It’s ironic that their agent will just get worse over time as they drive their best hackers away.
English