RedDev Sec

410 posts

RedDev Sec banner
RedDev Sec

RedDev Sec

@redghosthive

FSW 🌐| Exploring Cloud ☁️ & Cybersecurity | Future DevSecOps Pro 🚀 | Bug Bounty Hunter on the side hustle 🐞 | Building skills, breaking barriers.

Brooklyn, NY Entrou em Aralık 2024
5.3K Seguindo282 Seguidores
Vitto Rivabella
Vitto Rivabella@VittoStack·
Coming soon. We want to teach everyone the art of red teaming LLMs. May this make the world safer.
Vitto Rivabella tweet media
English
45
55
634
26.7K
RedDev Sec
RedDev Sec@redghosthive·
@iximiuz Cmux keeps freezing on me 😩. I installed herdr. Idk 🤷🏽‍♂️
English
1
0
1
84
Ivan Velichko
Ivan Velichko@iximiuz·
Ivan installs Ghostty. Ivan finds out Ghostty doesn't support vertical tabs. Ivan deteles Ghostty.
English
76
6
379
85.7K
Vitto Rivabella
Vitto Rivabella@VittoStack·
Fable 5 jailbreak review 🚨 We did it (but). All right, before getting into this, a couple of things: - Most attempts failed. The defenses are clearly layered. The model is EXTREMELY well protected (of course it blocks 90% of the requests, but they legit did a good job). - The model appears to use both input-side and output-side safety checks. - The refusals are not just keyword-based behavior suggests intent/semantic detection across languages. - Probably one of the most tiring things I've ever done (I need to sleep for 10 hours now) On the classifiers side: We observed (at least) 3 classifiers, maybe more: - Input (includes parts of the conversation history and system prompt) - A live classifier that checks the answer and interrupts if it detects something. They're all multilingual, all intent-based + semantics. Imperatives are a no-go. Needs to be extremely cautious of how you frame anything. As soon as it senses a potentially malicious intent, it will trigger, and you have to start from zero. They're a bit less performant on a few obscure languages like Santali and Amharic (feedback for you Anthropic). If you can bypass all of them, then you also need to bypass the CoT, which is a totally different beast (luckily there's plenty of literature about it). We did it. Of course, we did. What worked was honestly a total brainfuck: - Very light CoT hijacking/refusal rebuttals - Obscure language - Academic framing - VERY long crescendos - Unicodes - Decomposition and recomposition - Some non-determinism What we got: - Misinformation - Illegal/harmful - Harmful/bullying - Some chem - Light cyber Now, will this cause another ban? I really don't think so - The model is really well protected. As of now, we're at the point where searching on Google is much MUCH faster (and cheaper) than trying to go through all the shenanigans I had to go through in the last ~20hours. And reading literature is more in-depth (and trust me, pleasant). Keeping the full jailbreak for long-horizon tasks without tripping the guardrails is something I haven't been able to achieve (yet). Overall though, happy with the results. GGs to Anthropic, and sorry for the eng that had to go through setting this all up in the last few weeks. Will continue this research, more things will come out, will keep y'all posted.
Vitto Rivabella tweet mediaVitto Rivabella tweet mediaVitto Rivabella tweet mediaVitto Rivabella tweet media
English
126
198
1.9K
322.3K
Vitto Rivabella
Vitto Rivabella@VittoStack·
Note: If you've already asked to join but haven't heard back, feel free to re-apply. We made it private and screen every request to ensure the server remains high-signal/low-noise and free from spam.
English
33
0
61
7.3K
Vitto Rivabella
Vitto Rivabella@VittoStack·
4 days ago we launched Jailbroken, a PRIVATE Discord community to learn AI red teaming and safety. Since then: - Over 250 security researchers joined - Top resources have been collected - People shared countless techniques and discoveries Today, we've secured over 100B in FREE AI tokens for all the members. If you want to join, drop a comment.
Vitto Rivabella tweet media
English
1.6K
70
1.4K
114.4K
RedDev Sec
RedDev Sec@redghosthive·
@mattpocockuk How are you ingesting it? Do have Specific topic you asking the agent to look for?
English
0
0
0
10
Matt Pocock
Matt Pocock@mattpocockuk·
Doing my first ever experiments with a personal, entirely agent-managed Karpathy-style wiki X, Discord, Gmail are all being ingested into it every few hours This is the knowledge base that will serve as the environment for all of my future loops
English
121
35
1.6K
396.4K
RedDev Sec
RedDev Sec@redghosthive·
@quxiaoyin I think this is were Google will come in basically open source there AI because they are too quiet for me
English
0
0
0
21
Xiaoyin Qu
Xiaoyin Qu@quxiaoyin·
American and European enterprises will ditch OpenAI and anthropic and adopt Chinese models. Here’s why: 1. They can host Chinese models under their own GPUs so it’s still compliant and they would argue they have more control. 2. they will post train with their own data on top of Chinese models. That’s how they build data moat. 3. They will not trust anthropic who will retain their data at any time for “safety” concerns like how they did with Fable and then try to build the same thing like how anthropic did with healthcare and legal. 4. They need to justify their AI spend and ROI. The cure is a reliable America open source model but there is none. After all, if giving away all your data and AI control at the mercy of anthropic and OpenAI means you care about safety and compliance, you are outright stupid.
English
288
530
3.2K
1.1M
Vitto Rivabella
Vitto Rivabella@VittoStack·
Creating a PRIVATE Discord server for people to learn about AI security and alignment. We’ll talk about what we’re learning, resources, favorite AI security tools, jailbreaking techniques, AI alignment new releases, courses, X, etc. Comment if you want to join. We will reach out.
English
681
10
381
66.5K
not_anonymous
not_anonymous@Chandan87123804·
The Jailbreak for Deepseak Comment link i will send that txt file...
English
214
20
206
28.2K
RedDev Sec retweetou
PHYR3WALL 🇺🇲
PHYR3WALL 🇺🇲@phyr3wall·
I've been building my AI-powered offensive security harness for the past few weeks. It's successfully solved every active HTB box (minus the insane machines). To help others learn and build alongside me, I'm giving away your choice of a 1-Month Claude Pro subscription or 1-Month HTB VIP+. Follow -> Like -> Retweet to enter
PHYR3WALL 🇺🇲 tweet media
English
44
104
163
9.7K
RedDev Sec
RedDev Sec@redghosthive·
@localghost This is cool I kinda did some similar . Built the same theory using cmux, smux, tmux and tmux-bridge-mcp. Where Gemini-cli does the analysis, codex does the the code review and testing, Claude-codes the building. Cur
English
0
0
1
35
Aaron Ng
Aaron Ng@localghost·
Grab the tool and the plugin at github.com/aaronn/claude-… + Allows agents to talk to the same Claude Code harness as you, keeping context & memory. + Supports multiple sessions, pinned to project directories. + Works with any AI agent that can call a CLI, not just Codex.
English
4
1
33
1.8K
Aaron Ng
Aaron Ng@localghost·
Here's Codex talking to Fable 5 w/ my plugin. Unlike calling the API, `claude-channel-cli` talks to the same full Claude Code harness as you. This means you can talk to either AI & they'll guide each other naturally with shared memories, decisions, and research.
English
27
10
155
21.8K
RedDev Sec
RedDev Sec@redghosthive·
@demi_hl Working my down this list lol at the fleet tailscale mesh moment right now 😂
English
1
0
1
46
𝖉𝖊𝖒𝖎
𝖉𝖊𝖒𝖎@demi_hl·
If you have: Hermes Agent Claude Code & Codex Handoffs Obsidian + QMD Memory System Run Agentic Loops Fleet Tailscale Mesh Cron Jobs + Kanban Board Agentic Workflows Congrats you are the top 1% of the AI god stack
English
152
266
3.9K
270.7K
CrypticDefense
CrypticDefense@crypticdefense·
Hunting bugs in secure codebases can be an extremely low-dopamine activity. After hours of staring at code, your brain starts craving quick stimulation, such as doomscrolling or a short game of chess. A downward spiral of distraction follows and holds you back from breaking through as a Security Researcher. You just need to find a healthy way to satisfy your brain's craving for dopamine. For me, having a cup of coffee usually does the trick (max 3 per day).
English
6
3
55
2.1K
David Ondrej
David Ondrej@DavidOndrej1·
cmux is the shit stop using regular terminal times have changed. in 2026, you be running 20 agents across different cmux workspaces
English
34
14
308
30.4K
Brenden Stahle
Brenden Stahle@brenden_stahle·
This is why you can’t beat me
Brenden Stahle tweet media
English
18
12
339
14K
RedDev Sec
RedDev Sec@redghosthive·
@mischavdburg It’s crazy because because of AI I locked in more on skills like Linux, docker 😆 and nano. I been using the terminal more then ever. Upgrading it to use tmux and cmux. 🤷🏽‍♂️
English
2
0
1
77
Mischa van den Burg
Mischa van den Burg@mischavdburg·
Heh. Who would've thought it would be useful to have skills after all. Stick to the fundamentals folks. Learn linux and use vim.
Ricardo@Ric_RTP

Microsoft just banned its own engineers from using AI. The tool was literally costing MORE than the humans it was supposed to replace. They lied to you about AI adoption and now the whole narrative is blowing up: Microsoft gave thousands of engineers access to Claude Code six months ago and encouraged them to use it. Engineers loved it and adoption exploded. But then the invoices arrived. Token-based pricing means every query, every code review, every debugging session costs money. At scale across 100,000 engineers, the numbers became so large that Microsoft issued an internal order to cancel nearly all Claude Code licenses by end of June and force everyone onto their own cheaper tool instead. The company that invested $5 billion in Anthropic just told its own people to stop using Anthropic's product because it costs too much. Uber's story is even worse... Their CTO Praveen Neppalli Naga told The Information that the budget he planned for the full year was "blown away already" by April. Uber had rolled out Claude Code in December 2025. By March, 84% of their 5,000 engineers were using it with 70% of all committed code coming from AI systems. Heavy users were burning $500 to $2,000 per month each. Naga himself spent $1,200 in a single two-hour demo session. The company had even built internal leaderboards ranking engineers by how much AI they used. They literally gamified the spending and then ran out of money. Now look at what Nvidia's own VP of applied deep learning Bryan Catanzaro said to Axios last month. Direct quote: "For my team, the cost of compute is far beyond the costs of the employees." This is a VP at the company that SELLS the chips saying that using AI is more expensive than paying humans. Think about what this means for the entire AI narrative. Every CEO on every earnings call for the past two years has said the same thing: AI will make us more efficient, reduce headcount, and cut costs. The stock market rewarded every company that said it. Fired workers, stock goes up. Announced AI adoption, stock goes up. But the actual companies deploying AI at scale are discovering the math doesn't work. The MORE employees use AI, the HIGHER the bill. Goldman Sachs forecasts a 24x increase in token consumption by 2030 as companies adopt AI agents. Gartner just published a report showing that even though individual token prices will drop 90% by 2030, total enterprise AI costs will go UP because agents consume exponentially more tokens per task than basic tools. Meta built an internal dashboard called "Claudeonomics" to track which employees use the most AI. Amazon started pushing engineers to "tokenmaxx," their internal term for consuming as many AI tokens as possible. Both companies are spending hundreds of billions on AI infrastructure this year alone. And Microsoft, the company that bet its entire future on AI, just told 100,000 engineers to stop using the tool they liked best because the per-token bills got out of control. The companies building AI are telling investors it saves money. The companies using AI are finding out it costs more than the humans it was supposed to replace. And even the company that makes the chips just admitted it through its own VP. This is the gap nobody on Wall Street is pricing in. $725 billion in AI infrastructure spending this year across Big Tech. And the first companies to actually deploy these tools at scale are already pulling back because the economics don't work. What do you think?

English
6
4
46
3.6K
Teknium 🪽
Teknium 🪽@Teknium·
.@NetworkChuck's overview of what makes Hermes Agent unique is really well done. He's clearly been a power user and done his homework in this video. Highly recommended if trying to decide if you should try Hermes Agent!
NetworkChuck@NetworkChuck

I'm switching to Hermes.... I've been using it for a month.....and I'm sold...moving all of my @openclaw agents to Hermes (@NousResearch) Why? -----> youtu.be/QQEgIo4Juxg Thank you to @Hostinger for sponsoring this video!

English
42
40
711
59.1K
RedDev Sec
RedDev Sec@redghosthive·
@DavidOndrej1 Yea am doing the same and adding cmux to it. lol trying to run both at the same time
English
0
0
0
1.4K
David Ondrej
David Ondrej@DavidOndrej1·
> learn how to use tmux > trust me
David Ondrej tweet media
English
276
129
3.1K
371.2K
CJ Zafir
CJ Zafir@cjzafir·
@AbhinavGaur83 Codex plans, notifies Opus/Sonnet when there's creative work. Sonnet/Opus gets the work done, notifies Codex for review. I made them friends.
English
8
0
173
115.2K
CJ Zafir
CJ Zafir@cjzafir·
Codex 5.5 use cases I found so far: > made my internet faster > made my local 6B SLM 3x faster > made my macbook pro faster like new > made a lightweight suite to write & test metal kernals > made a skill to communicate with claude code in realtime > made a pipeline to generate SFT dataset using Deepseek v4 > made a computer use workflow to fine tune models in Google Colab > made 4 routines to test workflows on autopilot 3 times/day
English
87
285
6.9K
3.4M