Pi3cH (@pi3ch) 's Twitter Profile
Pi3cH

@pi3ch

@SecTalks.org and @SecDim.com Founder. @UNSW.edu Senior Lecturer. infosec.exchange/@pi3ch

ID: 177819502

https://secdim.com 13-08-2010 03:59:40

559 Tweet

771 Followers

105 Following

Pi3cH (@pi3ch) 's Twitter Profile Photo

Will be speaking at programmable on our LLM insecurity research. Here is a 15% discount code for tickets: UFJPU1BFQUtFUlMgUk9DSw== (decode it). Also have two free tickets. First come first served (DM/RT) programmable.tech/speakers/pedra…

Pi3cH (@pi3ch) 's Twitter Profile Photo

Xeno (Xeno Kovah) is doing a fantastic job of pushing the hacker spirit of free knowledge for everyone. Check out the latest course added on OST2.

Pi3cH (@pi3ch) 's Twitter Profile Photo

Research: Fine-tuning GPT-4o to recommend secure code can misfire! I mean it misfires regardless (if you use it without knowing what secure and insecure implementations are) emergent-misalignment.com #gpt #llm #security

SecDim (@secdim) 's Twitter Profile Photo

Our Seasonal Preview for the next few months is here, we have some exciting things planned. Read more 👉 bit.ly/secdimseason125 #appsec #securecoding #programming

Pi3cH (@pi3ch) 's Twitter Profile Photo

"Is Davis Lu enabled in Active Directory." - an infinite loop code written by an employee of a utility company to get triggered if he is sacked. Reminds me of a similar insider incident that happened to a utility company in Long Island. justice.gov/opa/pr/texas-m… #security #threatmodeling

Pi3cH (@pi3ch) 's Twitter Profile Photo

Next.js v15.2.3 patch also suffers from the same flaw, it addresses the symptom, it leaves the core design flaw untouched. This isn’t just a minor implementation bug—it reflects a deeper gap in secure design thinking. Give this challenge a try, come up with a better patch.

Pi3cH (@pi3ch) 's Twitter Profile Photo

Busy (but epic) week ahead! I’ll be at Black Hat AISA, with three presentation slots on LLM "insecurity". Catch me at: 📅 Thu, 10:00–11:30, 15:00–15:20 (Theater B) 📅 Fri, 14:30–16:00 (Arsenal) Want a free pass? here is the guide secdim.com/post/?slug=how… #blackhat #LLMs

SecDim (@secdim) 's Twitter Profile Photo

As mentioned in our Seasonal Preview, we are pleased to announce that we now have Github CI/CD Challenges on SecDim Play! Check them out now! 👉 bit.ly/secdimcicd #securecoding #appsec #programming

Pi3cH (@pi3ch) 's Twitter Profile Photo

Please keep your RSVP updated. We have almost the same number of people on the waiting list. meetup.com/sectalks/event…

Pi3cH (@pi3ch) 's Twitter Profile Photo

I will be hosting a hands-on secure coding and design workshop at NDC Conferences Melbourne 2025. Come and learn how to build secure cloud native apps from the ground up and move away from duct-tape secure programming. #securecoding #workshop #Australia

Pi3cH (@pi3ch) 's Twitter Profile Photo

We have not even got a solution for Prompt Injection meanwhile whole new classes of AI vulnerabilities have emerged. The same new tech cycle: build, ship, profit, maybe sometime later think how to secure it vulnerablemcp.info #ai #security

Pi3cH (@pi3ch) 's Twitter Profile Photo

🔥 Cooking up something fresh for FIRST.org! New challenge formats dropping at #FIRSTCON25 🇩🇰: 👨‍💻 Incident Response for Developers 👨‍💻Defensive CI/CD + Secure Cloud Native Apps ⚔️ Attack & Defence (Battle-Mode) Challenge Catch us in Copenhagen 👉 first.org/conference/202…
