Two months of Burp AI: empowering security testers with the future of AppSec | Blog
Amelia Coen | 13 June 2025 at 13:51 UTC It’s been a whirlwind two months since AI-powered features landed in...
Read more →Category: Mix
![[tl;dr sec] #283 - Awesome Black Hat Tools, Evading EDR, Disrupting Malicious Uses of AI](https://cybernoz.com/wp-content/uploads/2025/06/tldr-sec-283-Awesome-Black-Hat-Tools-Evading-EDR.png "[tl;dr sec] #283 - Awesome Black Hat Tools, Evading EDR, Disrupting Malicious Uses of AI 13")
[tl;dr sec] #283 – Awesome Black Hat Tools, Evading EDR, Disrupting Malicious Uses of AI
Huge list of tools presented at various Black Hat conferences, how attackers evade modern EDR, OpenAI’s report on threat actor...
Read more →
Rick Bohm on AI, Collaboration & API Security Future
Nestled in a log cabin high in the Rocky Mountains, Rick Bohm starts his day the same way he’s approached...
Read more →
Security maturity, complexity, and bug bounty program effectiveness: A deep dive
There are three key elements that, when combined, support the planning of a bug bounty program to attract the right...
Read more →
Why Google I/O Scared This 2007 Apple Fanboy for the First Time
As an Apple Fanboy going back to 2007, this is the first year I’ve felt fear for Apple’s future. And...
Read more →
This Is How They Tell Me Bug Bounty Ends · Joseph Thacker
An AI agent will soon be able to find all the vulnerabilities in any application. Or that’s what they say....
Read more →Hive Five 227 – Developers, Developers, Developers.
I made two new musical discoveries this week: Acid Bath and Ryo Fukui, exploring swamp metal and jazz. I also...
Read more →
The Chinese Room Problem With the ‘LLMs only predict the next token’ Argument
I’m sure you’ve heard the argument that LLMs aren’t really thinking because, according to them, LLMs are just predicting the...
Read more →
Jwt-Hack: Reborn in Rust | HAHWUL
jwt-hack v2 is a complete Rust rewrite, boosting performance, safety, and stability. Back in October 2020, I created a tool...
Read more →
DevSecOps | HAHWUL
Roadmap for everyone who wants DevSecOps DevSecOps is a culture and practice that aims to integrate security into every phase...
Read more →
JWT-HACK | HAHWUL
JSON Web Token Hack Toolkit # Cargo cargo install jwt-hack # Brew brew tap hahwul/jwt-hack brew install jwt-hack JWT-HACK is...
Read more →![[tl;dr sec] #282 - Weaponizing Dependabot, Ultimate Guide to JWT Vulnerabilities, Multi-Agent Automated Vulnerability Discovery](https://cybernoz.com/wp-content/uploads/2025/06/tldr-sec-282-Weaponizing-Dependabot-Ultimate-Guide-to-JWT.png "[tl;dr sec] #282 - Weaponizing Dependabot, Ultimate Guide to JWT Vulnerabilities, Multi-Agent Automated Vulnerability Discovery 24")
[tl;dr sec] #282 – Weaponizing Dependabot, Ultimate Guide to JWT Vulnerabilities, Multi-Agent Automated Vulnerability Discovery
Using Dependabot to merge malicious code and bypass branch protections, JWT attack guide with mitigations and labs, AI agents found...
Read more →