Seclog - #74

ยท

3 min read

Seclog - #74

Photo by Sunguk Kim on Unsplash

From wonder into wonder existence opens. โ€” Laozi

๐Ÿ“š SecMisc

  • Prompt Firewall - AI/ML Security & Privacy - Explore the platform dedicated to AI/ML security and privacy. Read More

  • Remote Code Execution by Server-Side Template Injection in Model Metadata - Discover the advisory on a critical vulnerability in llama-cpp-python. Read More

  • Kubernetes LAN Party - by Wiz - Dive into the Kubernetes security challenge hosted by Wiz. Read More

  • 16 years of CVE-2008-0166 - Debian OpenSSL Bug - An analysis of the impact of the Debian OpenSSL bug on DKIM and BIMI in 2024. Read More

  • Building an AI AppSec Team - A guide by Srajan Gupta on forming an AI application security team. Read More

  • Talos releases new macOS open-source fuzzer - Details on the latest macOS fuzzer released by Talos. Read More

  • Ransomware Diaries Volume 5: Unmasking LockBit - Insights into the LockBit ransomware group. Read More

  • LLM Pentest: Leveraging Agent Integration For RCE - Learn about the integration of agents for remote code execution in pentesting. Read More

  • Geopolitical Cyber Risk Analysis - An in-depth look at the cyber risks associated with geopolitical events. Read More

  • Pivot to the Clouds: Cookie Theft in 2024 - Examination of cookie theft techniques in cloud environments. Read More

  • Why Pivot Root is Used for Containers - Understanding the use of pivot root in container environments. Read More

  • New WiFi Vulnerability: The SSID Confusion Attack - Analysis of a new WiFi vulnerability known as the SSID Confusion Attack. Read More

  • Lethal Injection: How We Hacked Microsoft's Healthcare Chat Bot - Insights into hacking Microsoft's healthcare chatbot. Read More

  • Send()-ing Myself Belated Christmas Gifts - A detailed look at environment variables and shell access on GitHub.com. Read More

  • Introducing BadDNS - by Paul Mueller - Introduction to the new DNS tool, BadDNS. Read More

๐ŸŽฅ SecVideo

  • GPT-4O JAILBREAK VIA IMAGE UPLOAD - Watch how the GPT-4 model was jailbroken using image uploads. Watch Here

๐Ÿ’ป SecGit

  • NHAS/wag: Simple Wireguard 2FA - Explore a tool for adding 2FA to Wireguard. Explore on GitHub

  • GJDuck/RRFuzz: Fuzz anything with Program Environment Fuzzing - Check out this tool for fuzzing applications. Explore on GitHub

  • unclecode/crawl4ai: ๐Ÿ”ฅ๐Ÿ•ท๏ธ Crawl4AI: Open-source LLM Friendly Web Crawler & Scrapper - An open-source web crawler and scraper optimized for LLMs. Explore on GitHub

  • PaulSec/API-dnsdumpster.com: (Unofficial) Python API for dnsdumpster.com - A Python API for interacting with dnsdumpster.com. Explore on GitHub

  • blacklanternsecurity/baddns: Check subdomains for subdomain takeovers and other DNS tomfoolery - A tool to check for subdomain takeovers and DNS issues. Explore on GitHub

  • openai/openai-security-bots - Security bots developed by OpenAI. Explore on GitHub

  • VirusTotal/yara-x: A rewrite of YARA in Rust. - Discover Yara-X, a Rust rewrite of the YARA tool. Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com

ย