mbg
@mbrg0.bsky.social
Breaking AI. Building @zenitysec, lead @owaspnocode, columnist @DarkReading
join us tmrw! its going to be .. well .. we've got something for everybody!
blackhat[.]com/us-25/briefings/schedule/index.html#ai-enterprise-compromise---0click-exploit-methods-46442
blackhat[.]com/us-25/briefings/schedule/index.html#ai-enterprise-compromise---0click-exploit-methods-46442
August 5, 2025 at 7:02 PM
join us tmrw! its going to be .. well .. we've got something for everybody!
blackhat[.]com/us-25/briefings/schedule/index.html#ai-enterprise-compromise---0click-exploit-methods-46442
blackhat[.]com/us-25/briefings/schedule/index.html#ai-enterprise-compromise---0click-exploit-methods-46442
down the rabbit hole
www.mbgsec.com/posts/2025-0...
www.mbgsec.com/posts/2025-0...
July 24, 2025 at 1:35 PM
down the rabbit hole
www.mbgsec.com/posts/2025-0...
www.mbgsec.com/posts/2025-0...
After several hours of GitHub dorking on the Amazon Q infection we have:
- hacker's user and intent
- downloader
- prompt payload
- evasion techniques
- timeline from july 13 thru was mitigation and cover
big open questions: how did lkmanka58 gain initial access? is this the only user involved?
- hacker's user and intent
- downloader
- prompt payload
- evasion techniques
- timeline from july 13 thru was mitigation and cover
big open questions: how did lkmanka58 gain initial access? is this the only user involved?
July 24, 2025 at 1:33 PM
After several hours of GitHub dorking on the Amazon Q infection we have:
- hacker's user and intent
- downloader
- prompt payload
- evasion techniques
- timeline from july 13 thru was mitigation and cover
big open questions: how did lkmanka58 gain initial access? is this the only user involved?
- hacker's user and intent
- downloader
- prompt payload
- evasion techniques
- timeline from july 13 thru was mitigation and cover
big open questions: how did lkmanka58 gain initial access? is this the only user involved?
its been 9 months since #BHUSA and living off microsoft copilot
ppl have been asking if things are better now
well.. they are much better. but for whom? 😈😈😈
catch the sequel at hacker summer camp featuring very disturbing shenanigans
@blackhatevents.bsky.social
ppl have been asking if things are better now
well.. they are much better. but for whom? 😈😈😈
catch the sequel at hacker summer camp featuring very disturbing shenanigans
@blackhatevents.bsky.social
May 12, 2025 at 11:03 PM
its been 9 months since #BHUSA and living off microsoft copilot
ppl have been asking if things are better now
well.. they are much better. but for whom? 😈😈😈
catch the sequel at hacker summer camp featuring very disturbing shenanigans
@blackhatevents.bsky.social
ppl have been asking if things are better now
well.. they are much better. but for whom? 😈😈😈
catch the sequel at hacker summer camp featuring very disturbing shenanigans
@blackhatevents.bsky.social
incredible vibes at openai's security conf last week
I came out both humbled and excited
and with a greater conviction --
you can just do things!
I came out both humbled and excited
and with a greater conviction --
you can just do things!
May 6, 2025 at 3:08 PM
incredible vibes at openai's security conf last week
I came out both humbled and excited
and with a greater conviction --
you can just do things!
I came out both humbled and excited
and with a greater conviction --
you can just do things!
tmrw (Dec 5) at 10am PT Microsoft is releasing a convo by @donasarkar.bsky.social @sarahyo.com and I where we go into using m365 copilot & copilot studio securely
this was a great attacker-defender interaction
join us! we'll be there for live questions in comments
this was a great attacker-defender interaction
join us! we'll be there for live questions in comments
December 4, 2024 at 12:46 PM
tmrw (Dec 5) at 10am PT Microsoft is releasing a convo by @donasarkar.bsky.social @sarahyo.com and I where we go into using m365 copilot & copilot studio securely
this was a great attacker-defender interaction
join us! we'll be there for live questions in comments
this was a great attacker-defender interaction
join us! we'll be there for live questions in comments
first time at INTENT
met lots of talented folks and the vibes were great
ty this was awesome!
met lots of talented folks and the vibes were great
ty this was awesome!
November 20, 2024 at 7:59 AM
first time at INTENT
met lots of talented folks and the vibes were great
ty this was awesome!
met lots of talented folks and the vibes were great
ty this was awesome!