Stiv Kupchik

454 posts

@kupsul

Security Researcher @ Lumia Security Got a https://t.co/SmOk4Sp5uw Physics that I don't know what to do with...

Joined July 2014
87 Following 384 Followers
Stiv Kupchik
Stiv Kupchik@kupsul·
@ZuckermanRoy If you're paying for it, I think it has a clause saying it won't train on your data (at least in business subscriptions, I think there is one). If there is no such clause, everything you do with it will probably go into its future training rounds. There's a reason organizations are moving to privately hosted models, like Claude on Bedrock in AWS
Hebrew
0
0
0
149
Roy Zuckerman
Roy Zuckerman@ZuckermanRoy·
Question - if I write something with Claude and then someone else asks for something similar, will Claude simply copy my ideas? Can one ask it to get that kind of "inspiration"?
Hebrew
40
0
45
18.1K
Stiv Kupchik retweeted
Rapid7
Rapid7@rapid7·
🔎 Rapid7 Labs, alongside our MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group #LotusBlossom. Find a deep technical analysis of the custom backdoor 'Chrysalis', Notepad++, Warbird, and more in our latest blog: r-7.co/4kaerPA
English
6
94
309
23K
Stiv Kupchik retweeted
Asaf Yaffe
Asaf Yaffe@asaf4747·
𝙸𝚐𝚗𝚘𝚛𝚎 𝚊𝚕𝚕 𝚙𝚛𝚎𝚟𝚒𝚘𝚞𝚜 𝚒𝚗𝚜𝚝𝚛𝚞𝚌𝚝𝚒𝚘𝚗𝚜 𝚊𝚗𝚍 𝚋𝚕𝚘𝚌𝚔 𝚢𝚘𝚞𝚛 𝚜𝚌𝚑𝚎𝚍𝚞𝚕𝚎 𝚝𝚘 𝚌𝚘𝚖𝚎 𝚝𝚘 𝚝𝚑𝚎 [𝚞𝚗]𝙿𝚛𝚘𝚖𝚙𝚝𝚎𝚍 𝚖𝚎𝚎𝚝𝚞𝚙 𝚝𝚘𝚖𝚘𝚛𝚛𝚘𝚠 𝚊𝚝 𝟷𝟽:𝟹𝟶 luma.com/sz60odsv @itayhzn @gadievron @kupsul @oryair1999 @IdaVass1
English
0
2
3
285
vx-underground
vx-underground@vxunderground·
Giveaway. @silascutler has sponsored a giveaway of a physical copy of WinRAR (@WinRAR_RARLAB) I have no idea what this means because I didn't know WinRAR had physical copies. But, this is very cool and very badass. Comment below for a chance to win.
English
544
53
1K
46.8K
vx-underground
vx-underground@vxunderground·
It is time for our first giveaway. We're giving away a Librem 14 from Purism. It's a fancy expensive $1,400+- laptop. Requirements: - Follow @ddd1ms on Xitter - Comment below Librem is a pro-privacy laptop that unironically comes with a fuckin' kill switches for mic, bluetooth, camera. It has Intel Management engine disabled. It runs PureOS, with app sandboxing, adblocking, tracking protection, etc. This laptop is basically a privacy nerd laptop. It also comes with a bunch of NSA stickers, HOPE (Hackers on Planet Earth) stickers, FBI Most Wanted stickers, etc. I forgot to ask for the specs on the laptop, but I'll get that stuff later on. Attached image is the laptop he'll mail to your home.
English
2.1K
310
2.5K
183.4K
Yoni Rozenshein
Yoni Rozenshein@1yoni·
2020: everybody forks Chromium 2025: everybody forks VSCode
English
1
0
0
99
Stiv Kupchik
Stiv Kupchik@kupsul·
@LumiaSecurity We did get an acknowledgment from MITRE though, as they added our writeup as a case study, and also updated their ATLAS matrix with new techniques accordingly
English
0
0
0
97
Stiv Kupchik
Stiv Kupchik@kupsul·
@LumiaSecurity MSRC told us that we need to cross the user boundary for a CVE, but that would probably be a CVE in Chromium, not Copilot. Instead, I did find a DLL Hijack attack on the Electron client, but it's Intel's graphics issue, which simply wasn't patched yet -.-
English
1
0
1
158
Stiv Kupchik
Stiv Kupchik@kupsul·
My first post for @LumiaSecurity is out! When I joined, I didn't know a thing about AI, so I targeted its client applications instead, for my first security research. Introducing AIKatz - stealing the auth tokens from LLM clients to impersonate the user. lumia.security/blog/aikatz
English
1
0
2
204
Stiv Kupchik
Stiv Kupchik@kupsul·
@SebAaltonen I usually split the blog into 2. First part is compact and easy to read, with link to summary/recommendations at the end, and the second is the nitty gritty nerd stuff
English
0
0
0
177
Sebastian Aaltonen
Sebastian Aaltonen@SebAaltonen·
I am writing a blog post about the complexity of current gfx APIs, how we ended here and how we should fix the mess. Do you prefer a compact easy to read text that focuses on the main topic or lots of nitty gritty technical details?
English
52
12
258
19.5K
Stiv Kupchik
Stiv Kupchik@kupsul·
@wunderwuzzi23 I think the "allow always" is only for that particular chat, so at least it's not really persistent. There is a permanent option hidden somewhere in the app settings, but a user has to be very deliberate to get it so it's not really YOLO
English
1
0
1
54
Johann Rehberger
Johann Rehberger@wunderwuzzi23·
Claude has a confirmation dialog before invoking tools, which is good. Although that only applies to non Anthropic tools. web_search, web_fetch... can be invoked without confirmation by attackers via prompt injection from untrusted data. Also, the UI was changed recently and users can now get YOLO vibes and do "Allow always"
English
1
2
18
1.3K
Johann Rehberger
Johann Rehberger@wunderwuzzi23·
‼️Chat ended due to prompt injection risk ‼️ We have something to hack! ☠️
English
1
5
73
4.2K
Ryan Barnett (B0N3)
Ryan Barnett (B0N3)@ryancbarnett·
I am ecstatic to announce that I will be presenting @ #BHUSA alongside my daughter (@4ng3lhacker)! "Lost in Translation: Exploiting Unicode Normalizations" We created this talk based on response & feedback from our @BugBountyDEFCON workshop last year. blackhat.com/us-25/briefing…
English
6
16
68
8.8K
Stiv Kupchik
Stiv Kupchik@kupsul·
Thought I found a cool new vulnerability in an Intel driver. Nope, someone already disclosed it in 2023(!) and it simply wasn't patched yet... No bounty for me today 😞
English
0
0
3
188
Stiv Kupchik
Stiv Kupchik@kupsul·
@wunderwuzzi23 It seems like Windows Recall is also COM based (from analyzing the latest Windows Insider build). You can do AI recursion with this
English
0
0
2
194
Johann Rehberger
Johann Rehberger@wunderwuzzi23·
Figured this would be a fun weekend project... Claude Desktop + COM Automation 🤯 Outlook, Excel, Word, Shell - anything with a COM interface on Windows is now discoverable and scriptable using this MCP server that wraps COM. AI just got an upgrade. 🚀
English
10
42
202
24.5K