AI Might Make Everything Amazing
The incredible benefits that could arrive within 5-10 years August 14, 2025 What I wanna talk about is: if we...
Read more →Category: Mix
![[tl;dr sec] #292- HTTP/1.1 must die, AI + SAST, Google's Insider Threat Detection Tool](https://cybernoz.com/wp-content/uploads/2025/08/tldr-sec-292-HTTP11-must-die-AI-SAST-Googles-360x270.png "[tl;dr sec] #292- HTTP/1.1 must die, AI + SAST, Google's Insider Threat Detection Tool 2")
[tl;dr sec] #292- HTTP/1.1 must die, AI + SAST, Google’s Insider Threat Detection Tool
James Kettle argues HTTP/1.1 can never be fully secured, augmenting static analysis with LLMs, Google’s talk + OSS tool for...
Read more →Lessons for API and AI Security
IBM’s 2025 Cost of a Data Breach Report offers one of the clearest and most comprehensive views yet of how...
Read more →
Before bounties: know your assets
If you are unaware of what’s running in your environment, you can’t patch, monitor, or secure it. The simple fact...
Read more →
Hacking misconfigured Firebase targets: A complete guide
Google Firebase is a popular back-end application development platform that provides several built-in components and services, allowing developers to seamlessly...
Read more →I’m Worried It Might Get Really Bad
I’m starting to worry things might get very bad, very soon. Not like in a year or two, but maybe...
Read more →Why Dwarkesh Is Wrong About AGI
Dwarkesh Patel is one of my favorite thinkers right now. I just love the intensity of his curiosity. I love...
Read more →The Worst AI Metric
The “how many r’s in strawberry” test for AI intelligence is dumb. As a writer to write a quality sentence...
Read more →![[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review](https://cybernoz.com/wp-content/uploads/2025/08/tldr-sec-291-Build-a-GuardDuty-Triage-Agent-Scaling.png "[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review 10")
[tl;dr sec] #291 – Build a GuardDuty Triage Agent, Scaling Netflix’s Threat Detection Pipelines, Claude for Security Review
Hacker Summer Camp Once more, hackers have descended onto Vegas for our annual Hacker Summer Camp pilgrimage. I hope you...
Read more →
The Desync Delusion: Are You Really Protected Against HTTP Request Smuggling?
Andrzej Matykiewicz | 06 August 2025 at 22:22 UTC The Hidden Threat That’s Slipping Past Your Security HTTP request smuggling...
Read more →
HTTP/1.1 Must Die: What This Means for Contract Pentesters and MSSPs
Andrzej Matykiewicz | 06 August 2025 at 22:23 UTC At Black Hat USA and DEFCON 2025, PortSwigger’s Director of Research,...
Read more →
HTTP/1.1 Must Die: What This Means for Bug Bounty Hunters
Andrzej Matykiewicz | 06 August 2025 at 22:23 UTC At Black Hat USA and DEFCON 2025, PortSwigger’s Director of Research,...
Read more →