Just some personal thoughts on why you shouldn't force yourself to become a bug bounty hunter - samcurry.net/dont-force-you…

Pwning SriHome: Chapter 3 deathflash.xyz/blog/pwning-sr…

After that excellent first Hacker Mixer, I am organising one more on 10th July (Wednesday) in Hyderabad. Hackers in Hyd, go ahead and register. lu.ma/y19prv4d

I'm excited to be selected as a Subject Matter Expert by Hack The Box, sharing insights to help over 2 million professionals learn and grow. Thank you, HTB, for this incredible opportunity! #Cybersecurity #HackTheBox

On the nVidia blog: “Defending AI Model Files from Unauthorized Access with Canaries” 💪💚✊️ developer.nvidia.com/blog/defending…

We slipped one of these in the bags at BSides Joburg this weekend because we are looking for amazing support engineers (to join our amazing support engineers). "If you’re driven by a commitment to excellence with impeccable attention to detail, you need to join us" Join us!

Decided to start an IoT hacking blog! The blog will be featuring the best projects from my YouTube vids. First post details the reverse engineering of the VStarcam CB73 security camera. brownfinesecurity.com/blog/vstarcam-…

Honest 😂

Best cosplay of 2024?

Big thanks to OffSec's UGC program for kickstarting my journey! 🚀 - How it started: Built vulnerable machines, earned OSCP, and joined OffSec as a VM Engineer - How it’s going: Still building & breaking boxes! 🔥 Grateful for the ride and excited for the future! 🙌

D'oh, so you leaked your AWS credentials 🤦‍♂️ Does it matter 𝐰𝐡𝐞𝐫𝐞? It turns out there's a HUGE difference in how fast attackers will find them. Idan Ben Ari deployed canary tokens (fake AWS credentials) using Thinkst Canary to a number of different locations and analyzed:

t i m e

The exploding Hezbollah pagers situation is an incredibly impressive supply chain attack by Israel (most likely). I am sure more details will come, but there are already some educated guesses to be made that narrow it down. 🧵1/n

gaining access to anyones browser without them even visiting a website (CVE-2024-45489) kibty.town/blog/arc/

New writeup from ꙅɿɘƚɔɘqꙅ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate. Full disclosure: samcurry.net/hacking-kia