Checkout this new Ethical Hacking AI tool, itβs still in beta phase but here are the main interesting features
I think the natural language needs improvement but itβs still in beta so should get better over time.
Itβs one to keep an eye on for sure
Has to do with β.actionβ files in the /setup/ directory. Looking for info/PoCs, will reverse the patch when it comes out.
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Remote Code Execution In PyTorch Model Server TorchServe
Oligo's research team has uncovered a chain of critical vulnerabilities, named ShellTorch, including CVE-2023-43654 (CVSS: 9.8) in the PyTorch model server TorchServe.
This flaw allows unauthorized access to #AI models and enables Remote Code Execution (RCE) leaving countless services and end-users at risk.
Here is a blogpost that covers some techniques to block vscode tunnel. Any feedback will be greatly apreciated.