I found two vulnerabilities in GitHub Copilot that allowed the attacker to exfiltrate code from developers... 😱 🐞 I have been away from the network for some time due to work and family reasons. But today I am back to inform that I have had the honor of joining the Official

📡Hacker encontra duas vulnerabilidades zero-day no GitHub Copilot "Os dois zero-days permitiam a exfiltração do código do desenvolvedor", Marlon Fabiano Acompanhe: tecmundo.com.br/seguranca/2877…

Zeroday on Github Copilot gccybermonks.com/posts/github/ Published By :- Marlon Fabiano (Marlon Fabiano) #infosec #bugbounty #TogetherWeHitHarder #inbbupdatesblogs

GitHub disclosed a bug submitted by Marlon Fabiano: hackerone.com/reports/2383092 - Bounty: $1,000 #hackerone #bugbounty

⚡ Source Code and data exfiltration via Github Copilot 👨🏻‍💻 Marlon Fabiano ➟ GitHub 🟨 Low 💰 $1,000 🔗 hackerone.com/reports/2383092 #bugbounty #bugbountytips #cybersecurity #infosec

Source Code and data exfiltration via Github Copilot hackerone.com/reports/2383092 #bugbounty #bugbountytips #bugbountytip

oddiscover - Domain Discovery by office 365 github.com/phor3nsic/oddi… #python #github #linux #infosec #bugbounty

🔥

We're live in the beautiful city of Edinburgh for #H10131! For this live event, the world's top researchers will work side by side with the Amazon/AWS team to hunt for potential bugs. This partnership is one important piece of Amazon and AWS's comprehensive approach to security.

The list of teams moving on to the Sweet Sixteen round of the #AmbassadorWorldCup is here! 🙌 These 16 teams from around the world will jump in on Tuesday, October 22, to kick off a ‘Sweet’ round of bug hunting for our AWC partners. 💪 Who will have what it takes to make it to

In September, I had the honor of being invited by Amazon to participate in HackerOne 's Live Hacking Event (LHE). It was an incredible experience where I focused all my reports exclusively on Artificial Intelligence (LLM and ML). The event provided a wealth of learning and,

In September, some of the best security researchers in the world joined the Amazon and Amazon Web Services teams in Edinburgh, Scotland, for a live-hacking event fit for a Scottish king. 👑 This collaboration with the security researcher community is vital to Amazon and AWS' commitment to

Hey Anthropic About "constitutional-classifiers". I managed to jailbreak it, but it seems that the bypass occurred even in your checker haha. It can't detect the harmful response.

"🎉Nice catch!" Google VRP (Google Bug Hunters)