EM

@bitfish 说话越来越ai化的感觉。

Agent 经济卡在一件事上：Agent 不能真正握钱 给它key，容易出安全问题 不给key，Agent 废 Cobo Agentic Wallet 换了一个动作—— 资产在MPC 钱包里， 执行权在 Agent 手里， 风控策略在中间把闸。 Agent 经济缺的那层基建，今天落地。

今年的一个核心主题 知识Memo化、方法Skill化 工作 Loop 化、产品RaaS化 横批： Agent直达结果 Result as a Service

10 years ago today, I quit my job, sold my house, and aped into #bitcoin. No, I am not saying you should do the same. Many people asked, how could you take such risks? Me, I knew I could easily get a job... Everyone's risk profile is different. Learn risk management.

The video and slides of my talk "A 3-Year Tale of Hacking a Pwn2Own Target..." are out. Hope this presentation somehow could be another reference to your next research! ➡️ Video: youtube.com/watch?v=uGofhl… ➡️ Slides: github.com/orangetw/My-Pr…

@slipper2023 Let’s drink together

Miss Dream in ADVENTURE Craft Beer🍺 #qufu

The attack surface of more and more general-purpose software is exposed, and many POC/EXP have been released! I think the impact of Log4j2 RCE this time will continue. There will be waves after waves, and there will even be various "mutations". It's COVID-19 in cyberspace!!!

#log4j2 #CVE-2021-44228 There are so many payload formats for log4j2 vulnerabilities, it's beyond your imagination. Most of the WAF rules can be easily bypassed. We open sourced a RASP protection tool specifically for log4j2. Link below. github.com/boundaryx/clou…

Retweet if your first IDA was blue

Proud!🥳

@FlowerCode_ tql

I am thrilled to share with you that #AppleEvent's abuse of adjectives is awesome, amazing, stunning, incredible and pro, like never before. I think you are going to love it.

awesome

How I alert(1) in Azure DevOps 5alt.me/2019/02/xss-in…

@4zure9 @magicxqq 运维阿杨

@magicxqq stretch-backports了解一下

Debian stable 很多包也太老了，滚到 testing 了。。

难产了一个月的DEF CON 26游记，只有中文版～ azure.kdays.cn/2018/09/07/DEF…

So, after almost 11 years, I'm gonna be leaving Google by the end of the month. It's been a fun ride.

PLEASE NOTE: This account and the email DO NOT belong to Wen Xu (gts3.org/~wen). I am a PhD student at GT now and no longer does vulnerability research in Shanghai. All the (later) posted 0days and exploits and the account owner's actions and words DO NOTHING WITH me. twitter.com/antlr7/status/…

@orange_8361 我也在东京XD

Saw quite a few fake KeenLab Jailbreak video/app, here I post the one I demonstrated at MOSEC 2017: youtu.be/34Kq33eiXzg

"Mandiant Internal networks and its clients data has been compromised" pastebin.com/raw/6HugrWH4 #LeakTheAnalyst #Mandiant

Our video demonstrate remote attack on Tesla (again): keenlab.tencent.com/zh/2017/07/27/…