using technology to create abundance--intelligence, energy, longevity, whatever--will not solve all problems and will not magically make everyone happy.

but it is an unequivocally great thing to do, and expands our option space.

to me, it feels like a moral imperative.

We did it!
AWS is now looking into the S3 bucket issue! 🎉

So apparently if someone knows / guesses the name of your S3 bucket - even if it's private (!) - they can just bankrupt you by sending infinite PUT requests and there is nothing you can do about it.
> requests get rejected
> but AWS still counts it as a write operation against…

We're all compromised, we just don't know it yet. Aren't we...

A thread of good romance comics/Mangas

CVE-2024-0381 The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-date, and … cve.org/CVERecord?id=C…

Sometimes you have to burn your old life to the ground to make room for the new one

Web Security vs. Binary Exploitation

🤔Question of the day: How to Spot CORS Misconfigurations?

It is almost year 2024, yet I continue to discover CORS misconfigurations, adding $$$ to my bug bounty earnings each month.

Here's my approach to finding CORS Issues:

1️⃣ Nuclei Scan - Identify vulnerable targets with…

A Survey on LLMs for Code

Great paper providing an overview (50+ pages) of LLMs for Code.

arxiv.org/abs/2311.07989…

'Be a doer, not a talker.'

Sam Altman proved it:

The doers won. The talkers lost.

Within a week of getting ousted as CEO of OpenAI:
— 710/770 employees threatened to quit
— Sam gets reinstated as CEO
— The board that ousted him gets fired.

Why would this be inevitable,…

Awesomely detailed post on #fuzzer #development by h0mbre ✊

Fuzzer Development: The Soul of a New Machine

h0mbre.github.io/New_Fuzzer_Pro…

infosec.exchange/@raptor/111453…

❤️🫡❤️

GPT-4 for personal tutoring: reddit.com/r/ChatGPT/comm…

I think the OpenAI board should resign

Getting started with the Assistants API?

Take a look at Ilan Bigio's comprehensive and friendly guide in the OpenAI Cookbook.

cookbook.openai.com/examples/assis…

Whisper is the best speech recognition system you can use. And it's open source!

There a dude in my gym who sold his IT security company last year, and made a very sizeable fortune. Saw him do a new startup last month, and asked him why. He said:

'Bro I tried everything. Picked up new hobbies, passions, bought cars, even did 6 month travel of South America.…

Holy crap -

SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures

sec.gov/news/press-rel…