he's so real for that...
malware, osint, and other stuff
djnn
@djnn1337@infosec.exchange
- 1 Followers
- 36 Following
- 16 Posts
this CVE (https://securityonline.info/critical-hikvision-applyct-flaw-cve-2025-34067-cvss-10-0-unauthenticated-rce-via-fastjson/) was publicly available on github for 3 years lol:
Mr. Bill"Capitalism’s grow-or-die imperative stands radically at odds with ecology’s imperative of interdependence and limit. The two imperatives can no longer coexist with each other; nor can any society founded on the myth that they can be reconciled hope to survive. Either we will establish an ecological society or society will go under for everyone, irrespective of his or her status."
Ursula K. Le Guin
Bob YoungAdobe is now processing all your PDFs in the cloud, by default. The setting to “Enable generative AI features in Acrobat” was on, and I didn’t know it until I opened a document and Adobe asked me if I wanted a document summary. It’s annoying to have to click “No,” so I opened settings to disable the prompt.
THE PROBLEM
I sign Non-Disclosure Agreements for many of my clients. Adobe is a potential leak of protected information. I don’t know what Adobe does with this information. I don’t know what they store, or for how long. I don’t know what country (or countries) the data is stored in. I don’t know what LLMs are trained with this data. And I don’t need to know. What I need to know is that they won’t use default opt-in as a legal excuse to wiretap my information.
I recommend that you check your Adobe settings on all devices, for all Adobe accounts.
@malwaretech what if you ask it about another malware that has similarly been stopped by a domain-name killswitch ? Would it also give you credit ?
it seems to me like it associates you not by your name directly, but because there is "Malware" in your name
Marcus Hutchins 
Had a very surprising ChatGPT experience: asked it to generate a quick summary of the WannaCry ransomware, and instead of referencing the person who stopped it by name, it simply put "(you)". When I asked it how it was able to identify that it was me, it citied its own message as something I'd said.
After pointing out I didn't say that, it did, ChatGPT replied that it was able to infer it by my account username and what it'd learned from my skillset across various chats. Not 100% sure if that's how it actually did it. Either way, pretty cool, but also a little bit scary.
It's pretty widely known that many tech companies, especially advertising ones build comprehensive profiles on their users, but it's rare that you get to talk to said profile and figure out what it knows about you.
also, this is kinda old but might be more useful to you lol
release some stuff. there isnt too many use for these projects but who knows. maybe you'll find it useful at some point lol
intro to browser security research: https://docs.google.com/presentation/d/1rEPiqV0KBHAI0lVym283OHzYRXNCCuGudmDby1Z1qyc/mobilepresent?pli=1#slide=id.g35bbe1b1b99_0_108
Мя 
��