RBAC-police is a CLI tool that lets you evaluate the RBAC permissions of service accounts, pods and nodes in Kubernetes clusters through policies written in Rego ➤ github.com/PaloAltoNetwor…

0a80425fb 😞

דחפו לי כדור הרגעה לפני ניתוח לייזר בעיניים כיף גדול וייבים טובים אווירה חשמל שוקל לאמץ ביום יום

My first K8s CVE 🥰 github.com/kubernetes/kub…

If you could infect any image on AWS ECR Public Gallery, which one would you choose? 👀 blog.lightspin.io/aws-ecr-public…

יושב בהוסטל עם אנשים שמערבבים קטשופ טחינה ומיונז🤢 לאן הגענו

git.kernel.org/pub/scm/linux/…

Hardly believe it but I won the 2022 GCP VRP prize! Massive THANKS to the Google VRP (Google Bug Hunters) team and my incredible colleagues Palo Alto Networks ❤️ Hats off to all the winners for their fantastic research🎉🎉 security.googleblog.com/2023/06/google…

This video. Watch it.

when I find a new attack surface but I need to convince my employer to give me time for research even though I have zero evidence whether it’s gonna work or not

Imagine being $300K+ in debt, with a felony record, and no diploma because TikTok said it's cool to hate Jews.

בי נשבעתי, בכל יום דניאלה, עד שתחזרי ויחזרו כל החטופים. ❤️

Thanks Microsoft Security Response Center 🩷

The creators of uv deserve a Nobel Prize.

We found a new container escape affecting all container runtimes using @NVIDIA GPUs. The crazy part? The exploit is just three lines long 🤯 This is the story of #NVIDIAScape 🧵👇

Are you up for a challenge? I authored a container security challenge for the Wiz Ultimate Cloud Security Championship 🤩 Put your skills to the test and try it out! 👇 cloudsecuritychampionship.com/challenge/2

We (+Ronen Shustin) hacked NVIDIA's Triton AI server by abusing a single error message🚨 The result is unauthenticated RCE allowing attackers to compromise the server and steal proprietary AI models🤯 For more details & mitigations check out our blog Wiz wiz.io/blog/nvidia-tr…

Introducing ZERODAY.CLOUD🕵️‍♀️ Be the first to participate in the first-of-its-kind cloud hacking competition. 🤝 WIN PRIZES from our 4.5M$ prize pool. 💰 Register your exploit > zeroday.cloud Microsoft Security Response Center Amazon Web Services Google Cloud