Neogram

@mwfowlie @AnthropicAI what prompts?

With TWO prompts of Opus 4.7 this morning I spent 100% of my 20x Claude plan + 150 USD in credits. @AnthropicAI fix this

Finally, it is published 😁 Making Vulnerable Drivers Exploitable Without Hardware - my latest research on driver vulnerability hardware-gating, explaining the concept of hardware-dependent code and diving deep into creative deployment techniques - software-emulated phantom devices, driver restacking, and forced driver replacement — all explored through the lens of Bring Your Own Vulnerable Driver (BYOVD) attacks: atos.net/wp-content/upl…

bro made a whip for claude 😭

@Gamingtronium claude

What was the first programming language you ever learned?

Jenny was a Friend of Mine - MCPs and Friends blog.zsec.uk/bullyingllms/

Tired of reversing the same libc for the 100th time? 👀 Meet SightHouse, our open-source tool that automatically detects third-party library functions in binaries. High-confidence function mapping. Works with any disassembler. By @Mad5quirrel & Sami. 🔗 blog.quarkslab.com/sighthouse-aut…

AI just found critical vulnerabilities in Microsoft systems on its own. XBOW identified 3 critical RCEs, including one of the most severe issues in March’s Patch Tuesday and two in Bing with potential SYSTEM-level impact. No source code. Real environments. Real CVEs. AI is no longer assisting security research. It’s doing it. bit.ly/4bNBgWT

@rezoundous I changed to x20 MAX because of this

Dear Anthropic, please fix the Claude Code usage limit bug asap. My $100 plan feels like a $20 plan for almost a week now.

Xiaomi MiMo Token Plan is here. One subscription. All modalities. Build with MiMo-V2-Pro, Omni, and TTS. No 5-hour limits. No throttling. Transparent usage and billing. Just ship. Works with whatever you use: @openclaw, @opencode, @kilocode, @cline, @roocode Includes priority beta access to our newest models. 12% off your first purchase. TTS is free for now. Subscribe now → platform.xiaomimimo.com

Calif is Thai Duong's team. Thai Duong, of TLS BEAST and CRIME (and Wycheproof at Google). They had Claude shake a stick at FreeBSD, and got a reliable remote kernel RCE. This is happening. It's happening fast. It's going to get crazier. blog.calif.io/p/mad-bugs-cla…

If you have a spare 25 minutes I wholeheartedly recommend you watch Nicholas Carlini - Black-hat LLMs. Link in the comment below. Amazing talk on the way LLMs are making it easier to find critical software vulnerabilities - Anthropic's LLM discovered a non-trivial heap buffer overflow in the Linux kernel that's been there since 2003..! The future is both exciting and scary. LLMs and AI should be used, as demonstrated here, as a force multiplier for analysts, researchers and developers. I also think LLMs are a good way for people to learn, so long as they do not just copy paste AI output blindly, and treat it as a pair programmer / colleague they converse with to learn and grow. LLMs are also pretty good at hunting through documentation, it's like a knife through butter - you can then go verify what it comes back with and use that as an off point. A tool in your toolbox - not to be someone's sole skill. And remember, always validate the output. Personal take - hopefully we see growth with LLMs over the coming months and years to make software more secure through QA such as in the video looking for vulnerabilities, and LLMs used in Cyber Security to help identify and detect threats from logs sooner, being an assistant to analysts. Great question at the end (simplified): How do we prevent threat actors from abusing this; A: Security is dual use - historically security software tooling has favoured the defender over the attacker, maybe that will change. The good people should have access to the software - they want the good people to use the software to find the bugs, but putting the right safeguards in place is hard and nuanced, they think currently it is ok, but still room for change.

thrunt-god - Threat hunting command system for agentic IDEs github.com/backbay-labs/t…

I've been running a 24/7 AI agent on a Mac Mini for 2 months. 18 cron jobs, 35 scripts, 6 custom skills, a structured context system that makes every session smarter than the last. total cost: $21/month. this is the most complete guide I've ever written.

@therahul4402 full day vibecoding

How many hours do you code daily? 👇 Be honest…

@vishaltweetup copilot

be honest, which AI is the worst? • Gemini • Claude • Grok • Meta • ChatGPT • Copilot • DeepSeek

@heyshipz aftermath of violence

zoom in. tell me the FIRST word you see.

@ritu_twts no

be honest, are you still loyal to ChatGPT?

@mr_phrazer @c3rb3ru5d3d53c Did you try local llms?

The recording of my first Binary Cartography webinar is now public: Agentic Reverse Engineering: How AI Agents Are Changing Binary Analysis Topics: keygenning, cracking & anti-tamper removal Recording: youtube.com/watch?v=DZcDaX… Slides/code/samples: github.com/mrphrazer/bina…