The first requires being able to overwrite binaries in the Swift tool directory. Yes, if you overwrite binaries executed by ghidra, you can trigger code execution. This is not a surprise.
The second, idk, I'm not familiar with TraceRMI (but it's probably worth noting that "RMI" stands for Remote Method Invocation).
The third is not a vulnerability in the slightest, they just demonstrate that native 7zip parsing code is reachable. Maybe there is a bug in the 7zip parser, but without that it's meaningless.
> Yes, if you overwrite binaries executed by ghidra, you can trigger code execution.
> but it's probably worth noting that "RMI" stands for Remote Method Invocation
This reminds me of someone submitting a (clearly vibecoded) vulnerability report claiming to have found a way to execute arbitrary SQL. The project in question? An SQL server... https://github.com/tursodatabase/turso/pull/4322
I'm no expert on any of these programs, but that's kinda the problem, isn't it? No single person is an expert on every codebase supposedly exploited in this repo.
After a bit of research, the Firefox one seems plausible to me. But, I haven't actually tried the POC. The explanation about the private-data and untrusted-input flags is plausible but I'm not an expert on Firefox's internals, maybe that's not actually how it works.
This just sucks, all around. Are we going to need every open source project gawking at the same repo full of stuff that has nothing to do with them, on the off chance that someone discloses a vuln that does have to do with them? Is this some kind of performative complaint about high friction in responsible disclosure? Well great job dickhead, you've just made a system that's even worse. Nobody benefits from this. Yuck yuck yuck.
The Gitea one looks marginally interesting, but is probably not exploitable in practice (unless Gitea or whoever else isn’t properly isolating jobs on dedicated VMs). I suspect GitHub Actions has similar behavior and is not considered exploitable because the user is assumed to already have local, non-namespaced root access.
Gitea action runner has a bunch of different ways to setup and doing the isolation properly looks tricky. The documentation doesn't provide any isolation tests to administrators, either.
The biggest mitigation is that gitea documentation discourages you from using action runners from untrusted users. Not flawless security, but it's something...
Potentially, but for many projects things like that are tools that you want to control access to anyway. Anyone wanting to update the CI/CD process who isn't a trusted part of the project should be having their changes properly reviewed by someone who is anyway, at which point the reviewer is the trusted user not the random external entity.
I don’t disagree with that, but I think GitHub has shown that projects want to have their cake and eat it too. GitHub has also shown that it’s incredibly easy to design an insecure CI/CD that satisfies that goal, but I see that more as a symptom of them being first-to-market rather than an inherent quality of the problem.
Wait, isn't this about protecting the machine running the actions? If someone hosts a project on Github and allows anyone to run actions, it's Github's problem if there's a vulnerability to exploit. It's their installations that are going to get compromised, not necessarily the project's data.
Was just thinking it would be hilarious if these were all known CVEs hiding the next Shai-Hulud inside of them and waiting to compromise security hobbyists rushing to download them.
TIL about Windows Sandbox. Not a Windows user myself (it's the Year of Linux on the Desktop™!) but this sounds immensely useful for technical and nontechnical users -- sort of a super-disposable container with UI? https://learn.microsoft.com/en-us/windows/security/applicati...
Ghidra one is pretty weak, but I checked out the ones that were interesting to me (c-ares, libssh2, ffmpeg) and they seem to all work as of the latest upstream commit. Weird
A glance at the nmap one seems potentially high severity. It might be a nothing in practice, but it being around parser code means the chances of preparing something to jump around are pretty high.
There'd be a certain irony being able to reverse shell anyone doing an nmap scan. If i had infinite tokens i'd throw claude on writing an exploit and dig through the history who made it possible because - if we take a moment to wildly speculate and assume it can ACE - this is the kind of bug an intelligence agency would love to have: Add a few ipv6 packets that then edit the trace being observed if the observer uses nmap / get access to any researcher pc who uses nmap.
These kind of tools have always had a broad attack surface. I've assumed state level actors already have exploits for them, mostly based on when I've used such tools for mundane network maintenance tasks and somehow do something that triggered an old-fashioned segfault.
Went over a few of these with a pretty keen eye, and they aren't that particularly interesting. The Docker one is just a weird bug, it's not a vulnerability, and certainly not a "0-day" (which is a pretty loaded term and people expect bad stuff to happen).
The nghttp2 nghttpx one is more interesting, and could potentially be used for phishing, but it's very hard to line up properly because the request queue is non-deterministic so basically impossible to target a specific victim (assuming proxy traffic).
The VLC one is just a straight-up crash/bug. And VLC crashes all the time when using weird codecs, so that's nothing new.
I mean, that's how people get hacked. If vlc crashed on my computer, and every day I should raise thanks to my gods that I do not use vlc, I would immediately unplug it and thoughtfully consider the circumstances under which it would be safe to turn it back on.
Right, this is why video parse / decode ought to be sandboxed. Writing secure code for these formats, especially in C, is really hard. I just sort of glanced at the bug in the repo, but it sounds plausible. It certainly wouldn’t be the first of its kind.
>I mean, that's how people get hacked. If vlc crashed on my computer, and every day I should raise thanks to my gods that I do not use vlc, I would immediately unplug it and thoughtfully consider the circumstances under which it would be safe to turn it back on.
What are you doing on your computer where it is really a threat to you? I'm curious as to your specific use case :)
This is common in the hype era of AI models that can look for security bugs. An open-source project I used to work on that is basically "distributed code execution as a service" keeps getting reports that the job submission function is a vulnerability. The reporters don't even understand what the project does.
0-days-vibes-vulns? There should be a new category, for spotting and handling the em-dashes of this brave new world of vulns and making the old fossils like me only picking my head up for the old painfully still hand-crafted artisanal ones instead. A kind of label, like free-range for eggs, in sum.
I used to be an em-dash user, but now my opinion is that I’d rather be perceived as someone who does not want to be confused with an LLM. So I’ve changed my writing style.
They're just so handy! I do think LLMs tend to use them in a specific way, though.
So maybe tweaking your usage (ex. no spaces around them) or using a technically incorrect en-dash might offer the desired effect while subtly signaling that your message isn't AI-generated.
I still use them — mostly for pauses — but I'd like to think my voice sounds distinct enough from an AI that people can tell.
I for one am striving for clarity and couldn't care less about being confused with AI.
However I've only ever used regular dashes. How do you type an em-dash? Is it OS specific? I've taken to using Emacs insert-char with a list of frequently used ones in my scratch buffer. My memory for Unicode is unreliable.
Macs have a native way to do dashes: option- hyphen for en-dash and option shift hyphen for em-dash. On Windows there are some application-specific ways that make sense, e.g. in Office, but outside that you’re on your own and have to use the “hold alt and type the character codes” method! Or charmap.
Keyboard layout specific. Macs with their default English layout use “option-shift-dash” which is really easy to remember (and relatively discoverable, as such things go) which is why using proper m-dashes (not just double-dashes) used to be a strong indicator a poster was using a Mac, before LLMs took the character over.
On iOS you type it by pressing dash and holding until alternative options come up, same way you type e.g. accented characters.
Macs have two possible ways. If you have key repeat enabled, option+shift+dash. Some newer Mac users may have the mode on where holding a key pops up an iOS-style bubble of alternate options, in which case they will just hold hyphen.
In emacs, c-x 8 RET prompts you for unicode character names (or hex) so for rare use you can just spell it out. There's also C-x 8 _ m for em dash and C-x 8 _ n for en dash. (Hit c-x 8 c-h to get a full list of those bindings, like any normal secondary map - they're about as idiosyncratic as the XCompose bindings, but you might find some of them "stick" in your head better (I personally like "C-x 8 1 / 2" better than "Compose 1 2" even if it's a lot more typing...)
I've only ever been using "regular" dash, a minus, for that. How do you even type yours? If I ever needed differently-sized dashes (and I don't know the difference between them) I always used wiki to copy them.
(disclaimer: I feel like this obsession with dashes is special to native English speakers, which I'm obviously not)
Depends on your OS. Mac is the easiest, it's just ---, Linux depends on your distro, if it uses KDE, it's <right-win>--- —. Windows is a little awkward, I think you need <right win>+the code point.
silly specific: the minus sign is a separate character. The dash equivalent is the en dash (–), versus the larger em (—) and smaller hyphen (-).
The en dash is also used in things like scores (3–2 Turkey), votes (the bill passed 58–42), or connecting words where the second part is longer than one word (the Australia–New Zealand alliance.) You can remember the latter as, "a hyphen isn't big and strong enough to hold on to more than one word.
If you're on a mac, pressing Option+- is the en dash and Option+Shift+- is the em dash.
My first language is Dutch (Flemish). I didn’t even know there were three different dashes. The em dash is something I didn’t know exist, or were used, until llms came about. The hyphen is something we use when we make a list, that’s just the minus symbol right?
So em dashes are for pauses or highlighting things I guess?
The en dash you explained in your reaction.
Is there any other use for the hyphen except for making lists?
It’s an obsession with literature and/or typography nerds specifically.
Option-shift-hyphen types an em-dash, option-hyphen an en-dash. You can also hold the hyphen key (on a Mac or iPhone) and it will allow you to select either. Em dashes are used—like—this—as something spiritually akin to a parenthetical. En-dashes are used within ranges: Feb 14–17.
Only a small subset of native english speakers. Most don't use dashes at all, of those that do most just use minus for everything, some exceedingly small group cares about typographical details and thus distinguishes the different sorts of dashes.
It's an attention to detail thing that you'd definitely want to get right in a physical textbook or the like.
My feeling is that my writing doesn't sound anything like an LLM, so if someone thinks I'm an LLM because I used an em-dash, that's on them. That, or I royally screwed up and need to do a better job as a writer. At least with today's LLMs.
What is the typical motivation to start using em-dashes?
Why go the extra way to have a slightly elongated dash when a normal one would just as well do the job?
I might be conpletely off here but I've never seen a situation where using a normal dash where a long one should be causes any sort of syntactic trouble.
It looks aesthetically nicer. It was also a bit of a signal that someone took pride in their work and so helped that way. It's a bit like whether your tradesperson cleans up after themselves. Technically sweeping up the dust after installing a kitchen cabinet doesn't actually mean anything for the quality of the kitchen cabinet installation, but in practice putting the effort into the presentation correlates with putting the effort into the actual work.
I understand the sentiment with the tradesman example. I would argue that there are a multitude of ways to care about or take pride in one's trade and emdashing the floor is just one of them.
i mean why use punctuation or any capitals at all, why not just blast words out in a stream of consciousness so readers know how yr thinking why even bother with speeling things write
Just because you don't care to use the proper dash doesn't mean everyone else doesn't. People have different levels of caring about different details. For the sticklers, there's even a special code point for ellipsis, … rather than .... (Four being correct, as one is to end the sentence.) Personally I'll just skip — entirely unless I'm in a trolling mood, though “sometimes” the right quotes are worth using. Special characters are easy to type on a phone soft keyboard, taking a long press on the relevant key, or if you're using any other advanced input system, so they shouldn't really be considered to be the mark of LLM input.
The real trouble is that people doing engage with the substance of the post anymore, and just shallowly dismiss a post as being vibe written, as if that makes any points raised invalid. Anti-intellectualism's always been cool among a certain crowd. Shame to see it spread but ah well, the propaganda's working.
I think people who care about correctness and also read a lot automatically see the difference and it seems (and is) technically incorrect to use a hyphen where an em dash belongs. That’s really it. Kind of like you wouldn’t just leave out the apostrophes in your writing even though in most contexts they are not strictly necessary for comprehension.
Leaving out apostrophes isn't the same though, is it? If you leave out apostrophes you have syntactic effects while a (sortof)dash is still sort of a dash?
Its not exactly the same, of course, but its pretty analogous. It’s a minor, technically incorrect change that doesnt change meaning or understandability most of the time. Ive left out a bunch of apostrophes in this paragraph and Im pretty sure nobody will have a hard time understanding any of it. Yet it would bug me to actually write like this.
I don’t give a flying fuck what people think. Most colleges copied or adopted my (for a few semesters) school’s style guide, so LLMs are essentially copying me, and I won’t change my punctuation usage because they suck.
But people at work who are copying responses from LLMs into emails to others also suck, and I want to distance myself from them as much as possible. I'm kinda hoping we will eventually have a wave of "what the fuck are we paying you for if you're just copying stuff from an LLM to Slack" firings.
This is a pointless and infinitely losing arms race. LLMs will learn to use hyphens instead of em dashes, and so what? You’re going to start using em dashes again?
At this point, I believe the LLM "style" is on purpose. Perhaps the labs want to be able to distinguish their slop from human content for future training; I don't know. But it feels very deliberate that they've kept the style so consistent for so long.
I agree. They're voluntarily adding fingerprints to images so I expect the default voice is intentional and it wouldn't surprise me at all (though I have no evidence of this) if the output text has a fingerprint stenographically embedded in it.
In a video of Hank Green, he interviewed an AI expert (if there even is such a thing), and he said that in the thinking part of the conversation, LLMs seems to use code language to communicate with itself, like in the usage and ordering of words, and such.
I think that there could be even more then a fingerprint in those messages.
I'll take this opportunity to repeat that the natural language interpretation of thinking traces don't appear to be "real" by any reasonable definition. Even if they can at times be useful (at least seemingly). There's research demonstrating the usage of arbitrary symbols, even just repeating a single symbol, leading to a similar improvement in ability. This makes sense if you consider how the attention mechanism and KV cache work as the sequence iteratively grows.
Basically we optimize the models to produce output with certain characteristics but that doesn't mean that what we see is the whole truth or even that the relationships in the underlying system are structured in the way that we might expect.
> The purpose of good writing style has always been to signal education and class
Sure, that’s why there have never been any authors that became famous despite being poor and deliberately writing with that affect.
Good writing style does connote good education, and in environments where being upper-class bolsters social standing, some people flaunt it to signify class, as they would with any other wealth signifier, like expansive shoes.
I am a union tradesman— the third generation to work in manufacturing in this area. Affecting an upper-class identity diminishes social standing in my environment. Having a lot of money, definitely doesn’t. My dirty work boots probably cost as much as many of the trendiest shoes on the market, and the guys at work know that and admire them… but my wearing them doesn’t signify class. Similarly, you can use good writing style in a way that shows you went to a good school and paid attention without wearing it like a Harvard Business School fleece.
Ok— I don’t give a flying fuck if people jump to the conclusion that I am an LLM. And that concludes my willingness to engage in those pedantic semantic antics.
Sure— I don’t do any professional writing at this point, so my stakes are a lot lower. If I work in a field where people care about what I write, again, then maybe I will. Complete sentences are often seen as unforgivably inefficient in my current position.
I'm a secret invisible ­ soft hypenator. I like to break words in whacky places that change their meaning only when they need to be broken. Like Democ­rats.
I had to look up why this exists, and apparently it was added in Unicode 6.1 (2012) because some style guide required it, and using consecutive U+2014 em dashes isn't sufficient because that might not render as one continuous line.
The question is whether the m-dashes are surrounded by spaces or not. The spaces are utterly maddening. But yeah, RIP the mdash, who would have thought.
The thing is, in lots of contexts you cant easily type em dashes.
Google docs will convert “—-“ to an emdash but simple text inputs wont.
So when you see one in that context you have to consider the explanation. They copy pasted an em dash specifically, they drafted in Google docs, they know the unicode keyboard shortcut, etc. None of these are safe assumptions. And if it’s markdown you know it wasnt drafted in Google docs.
It's interesting that Claude also over-uses en-dashes. It's very willing to create compound-noun-phrases, especially in that compressed-summary-paragraph it often writes. The 0-days-vibes-vulns that started this thread looks a lot like that, but it could be Claude directly, or just Claude's style influencing people who spend too much time with it.
Those are just hyphens, actually. En dashes are for ranges (e.g., 1–4, which is admittedly hard to distinguish from 1-4), not compound words. Point stands though—LLMs do love compound words and dashes in general.
Are they all actually 0-day? I think a lot of them are from disclosed CVEs/code that were already fixed upstream. It often seems like the term "0-day" has lost most of its meaning today and people often use it to refer to any exploits.
> A single archive of public exploit PoCs and vulnerability research writeups. At the time I post these, none have been reported. Feel free to report them yourself and take credit for the CVE if handed out lulz. Please do not abuse these. I do this so to allure people into the field, and I've always found this is the most efficient way.
Which is roughly the definition of zero day. Whether the contents of the repo reflect the above claim is something else entirely.
Reminds me of Jamie Wolf's joke about bestiality laws. Who are those for? What stops most people from bestiality is… not wanting to have sex with animals! For people who do want to, what, they won't because of… the law??
We slaughter animals millions by the day in an industrialized fashion. I'm sure they'll feel much better that even singular instances of sexual harassment are officially not ok on paper.
As a very general statement, there's a cost to having laws exist. A law that stops one human-scale action ever is very unlikely to be worth the overhead.
That’s one school of thought. Law as a tool to punish those who have committed a prohibited act, mostly reactive.
Others consider law a way of encoding the group’s existing rules and norms.
In that view, making something illegal or mandatory is not a prerequisite for punishment: it’s the actual main point.
The threat of punishment is meant for those not deterred from an act by the simple fact it is illegal (and the threat only works if enforced).
Others put it the other way around, and see law as social engineering, a way to shape the group, either through the encoding itself of the desired behaviours in law, or through deterrence. Or both. If what one is after is either power or legitimacy, they need compliance more than punishment (can’t rule once you’ve chopped everyone’s heads off, or once the mob has put yours on a spike).
It’s also sometimes used as coordination (which side of the road we drive on).
And there’s also law as dispute resolution (if your neighbour’s hen lays an egg in your garden, who does it belong to? Yes, it’s ridiculous. Yes, some places have one or more laws for that). Which, incidentally, both requires and provides legitimacy. Funny, that.
And probably many other kinds / points of view, with many different purposes, intents, and mechanisms.
Anyway, all that to say law is vast, fascinating, and utterly tedious. And apologies for the tangent.
> Law as a tool to punish those who have committed a prohibited act
You're thinking of criminal law. And it's not just some group's rules and norms - there already exists familial or social group punishment for that. Criminal law is prosecuted by the State. It's the code of conduct of the society you exist in.
If you want a thought experiment for what life would be like without organised society, read Leviathan
Hence why we accept State governance and law (to a greater or lesser extent, obviously people protest specific laws and injustices and what's on the statute books changes on a regular basis), because the alternative to law is "nature", aka bigger-army diplomacy. Anarchy doesn't free people, it only gives freedom to those with existing power to disempower others. Those with superior power will simply rob, rape, kill or enslave everyone else.
States exist to secure their territory from those sort of external threats, and incubate an economy inside their borders, which aspires to bring wealth and happiness. The criminal law is put in place by those with the monopoly on legitimate violence, often encoding the views of the population, to keep their society running.
Either the fear of the consequences of breaking the law, or that the most effective way to reduce crime is to remove criminals from the population so over time these people being in jail or worse decreases the crime rate. They don't have to care about breaking laws in the abstract for the law, properly enforced, to reduce crime.
Those seem like two different scenarios though, right?
The point of beastiality laws are to give society some recourse to punish people who abuse animals.
There was a very famous case back in Washington state back in the early 2000s where a group of men were sexually abusing horses. It was uncovered because one of them died, and the other could only be charged with trespassing because it wasn't illegal at the time to sexually abuse animals.
You cited a specific case. It's not odd at all in the context of that case. The professionals in charge of enforcing the law decided the animals weren't harmed.
> There was a very famous case back in Washington state back in the early 2000s where a group of men were sexually abusing horses. It was uncovered because one of them died, and the other could only be charged with trespassing because it wasn't illegal at the time to sexually abuse animals.
What I said, verbatim, about that case.
What part of that is incorrect or warrants clarification, exactly?
Using the legal definition of "abuse", yes it was illegal to sexually abuse animals. Their actions didn't qualify. That's what warrants clarification here.
I appreciate your definition of abuse here but it's confusing in a discussion about legality.
No, it wasn't. The laws are quite explicit about what "abuse" means, and if you take a gander at most laws (including Washington state's circa 2000 or so) in the context of animals it usually explicitly refers to physical harm (for example, mutilation) or improper living conditions. Charging them under Washington's existing abuse laws would've required the animal to be physically injured, which it wasn't. It's quite literally why they had to pass a new law.
I don't know why I have to explain this, but:
1) Sexual abuse can occur without physical harm or injury.
#2 can be split into two sides, and not everyone believes one of those is sexual abuse.
Edit: Removed video link because the second half was gross and unrelated. May try finding another clip, but the first half was of Cenk Uygur from The Young Turks about a decade ago saying he'd legalize cases where the person pleasured the animal.
And my point is that sexual abuse is a subcategory of abuse.
You didn't imply until now that I was wrong about animal abuse already being illegal. In that case, a bestiality law doesn't fix the actual problem, right? It's a band-aid partial fix.
I'm not sure what your point is, to be blunt. It seems like you wanted to make some weird argument about the semantics of the word "abuse", and are now implying one of:
1) Beastiality isn't sexual abuse
2) Beastiality laws are pointless because it was already illegal under existing abuse laws (it wasn't, as we've repeatedly discussed)
3) Sexual abuse requires physical harm
all of which are pretty gross (1,3) and/or pointless (2). I don't really feel the need to argue any of this any further, so I'll leave you to it.
Well, it's a joke because the problem becomes apparent after you think a bit about it. The exact same reasonig can be applied to anything illegal, criminals are criminals because they don't respect the law, so you could try to say that laws are useless. Reality is, if something is illegal not only someone can be punished after the fact, but in some cases also preventive measures can be taken.
Regarding the comment, it isn't going to stop anyone. Most people will not do cybercrime because they're honest. Of the remaining, the risk of being sentenced to jail time will instead stop some people, even if not all of them.
As you're basically saying, the world isn't black or white. There's also a category of people that needs an incentive to behave. Also, without any laws, it would be problematic to punish "the bad guys". At that point, what you can or cannot do would be only a matter of relative power: who is stronger can do whatever they want to weaker people.
As well as those who don't wish to be blessed with Herpes-B from somebody who thought it was a good idea to engage in unsafe sexual activity with other non-human primates
AI is always a bit eager to report everything as an issue because the "number" of findings is seen as a measure of it's intelligence. Same happens with code review as well. It reports lots of non-issues. I suspect even Mythos output could have the same bloat, and the number (instead of severity) of the issues it reported could have scared people.
This is not what I heard from folks who worked directly with mythos. I was told that the vulnerabilities it generated were largely real and meaningful.
I'm an OSS developer and I've received three "CWE" alerts in the last two weeks. While they were all valid, they were for very trivial things like "this debug logfile could overwrite a file if it were a symlink" and "if a user is able to put OSC screen codes into the Git output they could write arbitrary data to the screen"
These AI models are making *everything* sound like an exploit. Not sure if this is good for the ecosystem. It makes me question everything that comes in more carefully. Is this a real exploit, or someone farming for karma to claim "I opened 39 CWEs in the last week. Hire my 'security' company to audit your code."
There is going to be a flurry of this sort of stuff as the AIs get smart enough to find them. It will naturally die down as the legitimate ones are fixed. Yes, there will always be some level of this, but I’d expect it to be low and the exploits found to be increasingly complex. This is a time of transition.
> It will naturally die down as the legitimate ones are fixed.
Seems like we're already in the middle of this phase, but rather than dying down, the 'reports' have just gotten more noisy and obtuse, making it more difficult to establish the actual degree of threat / attack vector.
I mean. Makes sense until adversary states start walking through the same doors you’re using. At which point you might regret that maintainers are too flooded to deal with it.
Assuming, of course, said state agency is operating under sufficiently strategic governance and management…
> a flurry of this sort of stuff as the AIs get smart enough to find them.
I really think this characterization is misleading. It's not "getting smart", only more tailored toward a specific usage, better curated dataset, better harness, better prompts, better labeling of results, documentation of failures and success, etc.
The outcome is (hopefully) overall better but this anthropomorphized wording makes it sound like AI itself is somehow changing or evolving. No, both academia doing fundamental research, industry making it available commercially, and finally security researchers making the entire tooling and process packaged as a service are actively shaping it to make it better. There is no "it".
A future AI may be intelligent, but LLMs are clearly not. They have no agency, no ability to reason, and no world model. The most effective way to use them is to treat them as next token prediction machines, because that’s what they are.
edit: downvotes but no rebuttals. feel free to show me where the agency, reasoning from first principles, world model etc exists. or you can ask an llm and they'll tell you they don't have those.
I think you are giving the word "smart" a meaning or implication that it no longer has or is used with. It is common to say Google Search or Siri got smarter/better or dumber/worse, so I don't see saying LLMs getting smarter is any different.
Perhaps, but as the AI analysis becomes part of the release process (or even the CI process as prices fall), you’d expect those new issues to be caught before release and fixed. We’re seeing them caught post-release for now because the code is older than the AIs, so we’re catching up.
Looks like someone is running one of the LLM models and publishing the results. It looks that way because there is a really wide mix from things that are silly "replace system binaries to run arbitrary code!" to things that could be legit. That is kind of par for the course when you ask an LLM to 'find an exploit and write a PoC' kind of prompt. Presumably if you train something on the last 15 years of Metasploit[1] reports it can find the same bugs that people have written into new code.
Actually, Mudge of the l0pht (and later DARPA) once famously made the claim that all bugs are security issues waiting to be exploited in some way (I’m probably paraphrasing). I kind of agree. Although, the bugs on this dump are indeed mostly pretty lame, which is exactly what I’ve seen you get a lot of when you let an llm go bug hunting with no human vetting and confirmation in the loop.
It’s possible/likely that whomever is running this experiment is keeping the non slop bugs to themselves. It’s probably what I’d do.
Such claims can both be true and pointless. For those of us who have to decide what actions to take, there is a point in differentiating between bugs and vulnerabilities, and breathlessly proclaiming "we found a vulnerability but we don't have an exploitation vector or proof that there's a meaningful security consequence" is annoying and likely to get the proclaimer ignored in the future.
The context in which that statement was made, and in which I’m repeating it, I think, is just to say that any bug has the potential to be used maliciously. Ignore it, fine, but also don’t overreact to the intended message…
Maybe I'm missing something but the ffmpeg buffer "exploit" involves passing a custom exploited buffer callback to parse a RASC file that presumably has been crafted to contain a packet that can exploit the custom buffer passed in? I don't see how this would be used in practice in the wild as to achieve the first step (custom buffer invocation) would require you to already have access to the machine to even invoke ffmpeg with it?
Like yes there is a heap OOB issue in an incredibly old file format, but without already having arguably compromised access to a machine, exploiting it for RCE seems impossible?
The custom get_buffer2 path is not something the attacker needs shell access to invoke. It is a normal public libavcodec API used by applications embedding FFmpeg. The attacker’s input is still just the crafted RASC/AVI media. The target application invokes FFmpeg/libavcodec during normal media processing. The PoC uses a custom buffer provider to make the heap layout deterministic and to place a demonstrable callback pointer next to the decoded PAL8 plane. That proves the bug can redirect control flow in a valid libavcodec decode flow. It does not mean the exact same file will pop calc under stock ffmpeg -i everywhere, but definitely not impossible. I popped a few shells today with it on a few websites for testing purposes. Reported it to them all, of course.
Do NOT, under any circumstances, use any material in this repository
maliciously. This is good-faith, open-disclosure vulnerability
research intended to get more people interested in exploring
this area of cybersecurity.
Reminds of the message in the The Anarchist Cookbook before one the recipes that essentially said: "This is really dangerous, don't ever do it, here is how you do it."
I also have a library of bugs I found using Claude Opus 4.8 through the Customer Verification Program. Undisclosed, Atp I dont even know if they have been found by someone else. But just like this repo
Theres a bunch of very specific scenario DoS bugs, buffer over/ underflows, that will get caught by ASLR and whatnot
When I report serious ones, mostly the devs will respond with something like, yeah, thats how we designed it in a dangerous way, so that the layer above or below can solve the issues, and other footgun stuff.
Bugs are bugs security vulnerablities or not it's good for open source project when someone actually goes through the code even if it is with an llm. As most people assume someone has gone through the code when it might not be true.
I want to rush to git clone, but as things are, the odds are extremely high that this kind of things that are too good to be real are honeypots and something there will compromise your machine or make your llm start working for someone else...
Most of the exploits are for opensource/free software.
I don't know what methods where used to find these exploits but I am starting to think security through obscurity might not be a bad thing in this day and age, where someone can just let bots loose on your codebase.
llms are fantastic disassembly partners, they're quite good at labeling functions from various dissassemblers -- the net losses from losing the benefits of open source , imo , outweigh the protection afforded by hiding your source code in yet another layer that is more and more easily unrolled through automated procedures.
Um, the nginx binary would have to be in the hands of hundreds of thousands of server operators. And the set of server operators is rich in the kind of person who would attack it. Not to mention the huge number of leaks you'd get.
Maybe if it's some server-side software that you only use yourself...
And isn't it also mostly a transitioning issue. Those open codebases will be constantly scanned for potential security issues and getting more and more hardened.
There are probably a lot of easy wins that are going to be discovered over the next few years but it should taper out after a while.
I don't think that's exactly it. OSS only needs someone to have a strong LLM to check for bugs. If your software is proprietary, it's a competition between just you and whatever model you have vs any attacker and whatever model they can lay hand to.
> OSS only needs someone to have a strong LLM to check for bugs.
The same applies to propietary, closed-source code. It being closed-source means that the source isn't generally available, but the executable is. Hence, someone with a strong model can still reverse it and find vulns.
Presumably, one could let the bots loose on your own codebase first. The question is one of financing of course. If your end users are enterprises willing to pay for a support contract, they probably care enough about not getting hacked to endure the higher prices that would let you throw enough tokens at the problem. Other open-source projects might have a harder time.
> I don't know what methods where used to find these exploits but I am starting to think security through obscurity might not be a bad thing in this day and age, where someone can just let bots loose on your codebase.
I'd love to hear why you think obscurity is bad, if you now think maybe it's good in the LLM age?
I'd also be interested if you could describe exactly what or how you think security through obscurity works, or doesn't?
I've been thinking a lot about how to better teach this concept, so I'm looking to understand exactly how everyone thinks/understands how it currently works, or should work, or what it should do. I don't care about the "correct" answer, (I have ddg too :P) I'm interested in general expectations from SWE's that I might teach at work, instead of opinions of security eng speaking about theory.
Because of asymmetric differences, I don't have access to powerful LLMs but attackers might. And also the complexities of software dependencies (supply chain vulnerabilities), my software depends on packages not in my control and I don't have time to audit the entire stack.
Perhaps the answer is to depend only on packages that come from people that are more competent than you so you can know if or when your program is compromised that it'll most likely be your fault and not theirs.
Security through obscurity can make something a bit more secure in practice by annoying an attacker IF AND ONLY IF you're not relying on the hidden information remaining secret in order to the system remaining secure. E.g., if you're using a broken cipher and assume this is ok because no one knows which cipher you're using, you're gonna have a bad time.
In the case of FOSS software, it is generally recognized that the small advantage of keeping the source secret is far outweighted by the contributions and vuln reports you get if you publish the source.
I think LLMs might actually have a bigger effect on closed source software - the tedium saved on open source bug hunting is significant, but on closed source software the tedium of finding bugs is extreme because of all the reverse engineering, but LLMs will chew through that. So there's probably a lot of low hanging fruit.
Looks like a bunch of re worded copies of existing CVE and a few new lower severity things. I only call them low sev because they seem to require the user to do things that are already inherently dangerous. Just my 2 cents from a quick scan.
Edit:
To be clear still interesting finds. I think with some chaining some of them might be more severe. Like the ovpn one and windows potentially registering vpn app as default open or some protocol opener for a url location like openvpn:// in an I frame and some clever social engineering. Just a random thought
I wonder if LLMs can tell the difference. Maybe it's like back in the day when you had to add "+good -bad" because otherwise it wouldn't know you wanted it to be good.
trying something new? this is interesting. the problem is that submitting reports is too slow. if you find one then your not supposed to share. but then over the next 90 days you learn no one cares and 13 other people submitted it before you, 43 after. maybe better that we just know. so we can run code we can trust sooner. zero is the proper number of dependencies. otherwise assume its broken.
I'm going through each one, and it's fascinating to see things like this. The UAF principle in c-ares is really interesting.
The problem ultimately came from not being able to prevent stale pointers. The attack works by figuring out the size of the stale pointer, then spraying memory with data of the same size, and finally achieving RCE (Remote Code Execution). How do people even come up with ideas like this?
But do people actually find these vulnerabilities on their own, or are they using LLMs? I was curious about how these vulnerabilities work, so I tried asking my dear friend Mr. CLAUDE, but he immediately threw an error and ended the session because it was a cybersecurity question. Enterprise APIs block even the analysis itself, so it's amazing that people can actually pull this off in practice.
le sigh, c-ares. Very predictable outcome. If you ever find yourself entertaining the idea that you will simply write non-blocking network protocol stacks in C with manual lifetime management, slap yourself. It doesn't matter if you think you are a super genius of unimpeachable taste. The job is impossible.
cool to see rustdesk. low level memory bugs were long mysterious and i think often received most of the attention for this reason, but always fun to see reminders that "nope, good ol' fashioned logic bugs in high level languages have security implications too." if anything, i think they sometimes are more clever as they require deeper understanding of what the code actually does, intends to do and what was overlooked rather than the common set of bookkeeping errors that are often the root of the memory bugs.
Doesn't at all. You can take cash, keep cash and spend cash without any bank being involved. Cash is more anonymous than crypto and (if it's USD) accepted just about everywhere.
Banks give you an advantage with transaction security and deposit insurance, but that's dealing with money and not cash.
We need our infrastructure to stop treating bank account numbers and social security numbers as secrets. At least in the US, bank account numbers appear on physical checks and are required to be shared in order to do an ACH transfer, and a social security number is not supposed to be used as an identifier (unless to the Social Security Administration itself) or as a secret password.
Ideally, nothing nefarious should happen if both of them were listed and queryable publicly.
If someone has your bank account and bank’s routing number (which is also not secret), they can make fraudulent ACH transfers and payments from your account. Of course it will most likely be caught as fraud some time after the fact, but just those two bits of not-secret info are enough to grief someone.
> At the time I post these, none have been reported. Feel free to report them yourself and take credit for the CVE if handed out lulz. I do this so to allure people into the field, and I've always found this is the most efficient way.
I've been a skiddy, he would have believed this. Thankfully, I've grown a bit, and can see this for the transparent, "I'm angry and want to hurt others so I will feel a little less alone", it actually is.
I'm sorry you're so angry dude (me too), but as someone who's joined the blue side, we'd appreciate it if you gave us some kind of heads up, the bad guys generally have a lot more time to scroll for new payloads than I do. Not all of us deserve the kindness of a heads up, but every single one of our users deserve it. Don't punish them because you're mad at someone else.
You can flex on the idiots you're trying to flex on, without hurting people. Even an email to security@[that_project_domain] saying "hey, I've published these" would move you from the group of people I see making the world worse, into the group making it better. (You don't have to, obviously, but making the whole world worse wont make you less angry.)
While i can follow your path, maybe because i see the same, i sadly have seen in groups of friends how this can go sideways very fast. If you report things, some companies gone treat you as a criminal/offensive actor and even go legal actions against you even you just tellem here you got this vuln.
Sure you than can do it anonymous and so on but point is : its not like every actor that gets notified will react thankful to it. Some even just ignore it.
How bad are your security practices that these tiny obscure things matter? None of these findings that show up here on HN should even make you flinch. The alarmist takes on this stuff is fucking exhausting and I'm tired of security teams bugging me about it. Do your job and this shit doesn't matter AT ALL.
I said "doesn't matter" to someone once... the resulting lesson came in the form of a reply from the whitehat researcher (waves, hi brian!) a 16step exploit chain resulting in a one click full account takeover.
I'm equally annoyed and over the alarmist takes. But I don't think it's fair to group mine into it. I'm annoyed at seeing discard respect for others into the same void everyone is happy to toss quality.
Do these tiny things matter? No, not to the default-panic-level everyone adopts when they see 0day, or CVE... but duh, I'm now just repeating exactly what you already said. That no, for the record is mostly because I don't use any of these, not just because they're boring exploits. While I always look, I default assume anything CVE is boring/pointless. But I still read them.
But then, I'm not trying to convince the owner of the repo. I'm trying to discourage the theme among researchers that "no one cares", because I have seen researchers disclose bugs publicly, that we'd be eager to pay out on, because they disagreed with the decision on their last report.
I've fixed bugs being actively exploited against our users, that was found/fixed only after a whitehat report for something adjacent (we pay on those btw, and you should too). I don't wanna live in the world where it's easier for the bad guys, the only way we get there is once "everyone knows", you gotta report the all bugs that you can turn into an exploit. I don't want "the whitehat researcher culture" to move towards, who cares' dump the PoC on github, screw anyone that could be hurt by the bad guys, they deserve to be punished for the incompetence of others. SWE's are shit at security, security researchers are shit at SWE, the only way we get the good outcome, is if they're willing (and encouraged) to work together.
Even if the company doesn't have a big bounty publishing exploit code without warning them is unethical. Moreover, a lot of these projects are FOSS without a company which could pay bug bounties.
I say we, intentionally not naming the company, because 1) doing so tends to turn off people's brains and they default assume everything $company does is the correct way, but if I say something stupid I'd rather someone tell me, instead of assume someone at $company must know or couldn't possibly know. 2) I say we, because I'm speaking for myself, (and maybe a tiny bit) for my 2 friends still running the BB program at what possibly should describe as my former company, but then I've always exclusively been speaking for me, not about them...
So I'm still not gonna name them, it wouldn't be hard to figure out who they were, with a likely-trivial amount of effort if feel the need to know... but if you'd rather, I'd encourage you to imagine I work at the worst company you can name or imagine, so you can use that to discard anything I've said. Because I'd rather be judged on my argument, not who hired me that one time.
I meant it when I said it intentionally. I still run BB programs the same way, and expect others to behave similarly. Funny enough I was just talking to that friend this week, about the BB program. Nothing has changed so given my friends still follow the same pattern at that company... We is more accurate. Sorry it bothers you, but not everyone is you.
No one is doing 16 step exploits unless you're a huge target in some way. 0.0000001% of companies fit that bill. And even then, ok, what did they get? An account login? What are they doing to do? Read email? Then what? "Use it for social engineering"? Who cares, you have MFA right? You have a firewall? You don't allow people to randomly jump from box to box via RDP? You have basic security and auditing on your fileshares? EVEN THEN, what, they get a spreadsheet from your last town hall meeting? I'm also tired of pretending that 99.999% of the data in a company even matters. Unless they have some way to cryptolock your whole company, AND you don't have backups/snapshots without any basic access security, there isn't a lot of value to be taken. Security "teams" are a bunch of fucking busybodies with nothing to do. Pay for a competent admin team and the security dept is completely redundant and useless.
> No one is doing 16 step exploits unless you're a huge target in some way. 0.0000001% of companies fit that bill. And even then, ok, what did they get? An account login? What are they doing to do? Read email?
Account take over of a user account. I'm pretty sure I could sell access to the DMs of a few popular people for 100x what we paid out for that report.
But also, I'm pretty confident that this researcher delivered this exploit because I'd said that there was no way he could use it maliciously, not because he wanted to be paid. Then, once I made that critical error in judgement by questioning (rejecting) his assertion in his report. He, like most hackers, being insulted by the idea, was then required to restore his name and reputation. There are the people who only go after targets that they can confidently make money off targeting... some of us care more about reputation than money, and will die on any hill when our reputation/work is questioned/doubted.
> Security "teams" are a bunch of fucking busybodies with nothing to do. Pay for a competent admin team and the security dept is completely redundant and useless.
Lmao, tell me you don't really understand what goes into getting functional systems/corp security without telling me. I don't even disagree with the point you were trying to make. You're absolutely correct! If you have a competent admin team, you don't need a dedicated security team. Unfortunately, as I live in the real world, where most people are incompetent, it does help to have a dedicated security team. Especially considering if you were an admin who is competent, you could make 2x as a security engineer, which normally keeps all the competent people out of admin, and thus requiring a dedicated security team.
I don't know why you're mad, or why you're arguing it at me. I'm pretty sure I already agree with most of your points... the only one I might disagree with, and only then because you're arguing at me for some reason, and that makes me think you probably disagree, with the important point which is, we're all on the planet together, you're not required to help me do my day job, but as an industry, both security engineers and security researchers, we need to remember that we're actually on the same side, and we need to aggressively resist returning to the us vs them mentality that we're just barely starting to escape from. Case in point, it appears to me that you think complaining about how security people are useless and CVEs don't matter, as a much more important point, than complaining about obviously irresponsible disclosure.
User/admin discretion for software they use should be a big factor, sometimes getting burned is how you learn to play with fire. Or decide that having your data/participation disrespected means you need to set harder boundaries. My solution is to try things in isolation, run very few services, try to avoid becoming dependent on the online, appreciate the offline and local first.
>I've been a skiddy, he would have believed this. Thankfully, I've grown a bit, and can see this for the transparent, "I'm angry and want to hurt others so I will feel a little less alone", it actually is
Please name the "victims" here.
I'm genuinely curious, have you ever had actual, direct threats to your safety before, as a person? As in, murder, torture, false imprisonment, or other __likely and credible__ threats of grave bodily harm?
> but as someone who's joined the blue side
Are you somebody who separates "cybersecurity" from say: military intelligence poisoning one of your employees, sending them to a hospital which is already compromised, before sending back their new asset into your very "secure" company?
I get the sense that folks here are assuming this could be the work of an AI practitioner or bot dumping a bunch of exploits. Assuming there are some serious exploits in this trove, what would the motive be to do it in this way - without reaching out to the various code maintainers in some way?
A friendly reminder that a 0-day is a vulnerability that wasn't known until after a malicious actor exploited it. If someone publishes a PoC, it is not a 0-day, just a vulnerability.
I was thinking that the other definition was right and this correction was wrong.
Then I did some searching and found multiple examples of both definitions in use, making things murky.
So I turned to Merriam-Webster’s dictionary: “ of, relating to, or being a vulnerability (as in a computer or computer system) that is discovered and exploited (as by cybercriminals) before it is known to or addressed by the maker or vendor”
And of course they use an “or” to make it ambiguous as to whether the days start counting when the vulnerability becomes known, or when the vendor has addressed it.
> A friendly reminder that a 0-day is a vulnerability that wasn't known until after a malicious actor exploited it.
No, the full name was always "zero-day exploit". The number 0 refers to the days between the vulnerability being known by the vendor and the public availability of the exploit. So the vendor has zero days to create a security patch before the release of the exploit.
The term "zero-day vulnerability" is a derived term to refer to a vulnerability affected by a zero-day exploit. Similarly, a "zero-day attack" is a derived term to refer to an attack carried out using a zero-day exploit.
I think people may miss the point of a repo like this. Individually these are small puzzle pieces that can't do anything. Put them all in one place and it becomes easier to pick up pieces and try them together to see if they fit and build something bigger. Get enough pieces to fit together and you actually have something. This is the 'FOUO' idea in security. Enough open information gathered together in one place crosses the boundary from 'just public info' to 'secret stuff here!'. Now we have automatic puzzle solvers (coding assistants) a repo like this becomes a lot more meaningful.
Yep and typically none of this is meaningful unless you have no security practices at all. You can't have it both ways. Every security team says these things are all critical even though, for example, it's only being used internally. Cool, so you somehow have our network cert, are on site physically, have compromised a laptop fully without all of our tools detecting weird shit, have a password, admin access to the repo, somehow are spoofing MFA, etc etc. Yeah it all adds up, but as an admin I'm just fucking done dropping everything for these kinds of things.
What if this person is from an AI lab that really wants the govt to keep suppressing Mythos/Fable & GPT5.6? It's what I would do, the timing couldn't be any better.
my point is that if someone is releasing these without access to mythos/gpt5.6, then it can spook to govt and cause them to keep suppressing access to those models. if i'm competing with anthropic or openai and feel they have pulled far ahead, this is a decent move. i didn't say that it is for sure what's going on, but hey, there's a tiny bit of probability that it can't be ruled out.
I took a look at the Ghidra ones (because I use Ghidra), and I'm unimpressed: https://github.com/bikini/exploitarium/blob/main/ghidra-12.1...
The first requires being able to overwrite binaries in the Swift tool directory. Yes, if you overwrite binaries executed by ghidra, you can trigger code execution. This is not a surprise.
The second, idk, I'm not familiar with TraceRMI (but it's probably worth noting that "RMI" stands for Remote Method Invocation).
The third is not a vulnerability in the slightest, they just demonstrate that native 7zip parsing code is reachable. Maybe there is a bug in the 7zip parser, but without that it's meaningless.
I immediately saw the Ghidra one and was thinking: huh?
The bigger takeaway is someone that smart is pissed off and dropping their shit with zero warning... but hey, that's just like, my opinion man.
You don't need to be pissed off to decide that immediate public disclosure is the best option.
Ok, I don't know their emotional state. Fair point.
Maybe I'm projecting my own biases ;-)
Meanwhile, some dude was just playing with claude and accidentally made his repo public.
> Yes, if you overwrite binaries executed by ghidra, you can trigger code execution.
> but it's probably worth noting that "RMI" stands for Remote Method Invocation
This reminds me of someone submitting a (clearly vibecoded) vulnerability report claiming to have found a way to execute arbitrary SQL. The project in question? An SQL server... https://github.com/tursodatabase/turso/pull/4322
lol, that's great...the "vulnerability" isn't even in turso itself, it's a helper method inside a unit test.
The Turso example is a little ironic because their homepage brands them as a product intended for use primarily by AI agents.
I'm no expert on any of these programs, but that's kinda the problem, isn't it? No single person is an expert on every codebase supposedly exploited in this repo.
After a bit of research, the Firefox one seems plausible to me. But, I haven't actually tried the POC. The explanation about the private-data and untrusted-input flags is plausible but I'm not an expert on Firefox's internals, maybe that's not actually how it works.
This just sucks, all around. Are we going to need every open source project gawking at the same repo full of stuff that has nothing to do with them, on the off chance that someone discloses a vuln that does have to do with them? Is this some kind of performative complaint about high friction in responsible disclosure? Well great job dickhead, you've just made a system that's even worse. Nobody benefits from this. Yuck yuck yuck.
I actually prefer them being public than in some governments or corporations toolbox
> Nobody benefits from this
Disclosures always enable more secure software to theoretically exist,
even if nobody follows through creating it.
They often do.
The inputs are truncated to prevent malicious prompt injections. The PoC ignores this by using a fake model which is easily convinced.
The Gitea one looks marginally interesting, but is probably not exploitable in practice (unless Gitea or whoever else isn’t properly isolating jobs on dedicated VMs). I suspect GitHub Actions has similar behavior and is not considered exploitable because the user is assumed to already have local, non-namespaced root access.
Gitea action runner has a bunch of different ways to setup and doing the isolation properly looks tricky. The documentation doesn't provide any isolation tests to administrators, either.
The biggest mitigation is that gitea documentation discourages you from using action runners from untrusted users. Not flawless security, but it's something...
> The biggest mitigation is that gitea documentation discourages you from using action runners from untrusted users.
This recommendation seems incompatible with third-party collaboration, at least on its face!
Potentially, but for many projects things like that are tools that you want to control access to anyway. Anyone wanting to update the CI/CD process who isn't a trusted part of the project should be having their changes properly reviewed by someone who is anyway, at which point the reviewer is the trusted user not the random external entity.
I don’t disagree with that, but I think GitHub has shown that projects want to have their cake and eat it too. GitHub has also shown that it’s incredibly easy to design an insecure CI/CD that satisfies that goal, but I see that more as a symptom of them being first-to-market rather than an inherent quality of the problem.
Wait, isn't this about protecting the machine running the actions? If someone hosts a project on Github and allows anyone to run actions, it's Github's problem if there's a vulnerability to exploit. It's their installations that are going to get compromised, not necessarily the project's data.
Was just thinking it would be hilarious if these were all known CVEs hiding the next Shai-Hulud inside of them and waiting to compromise security hobbyists rushing to download them.
It wouldn't be the first time!
The design purpose of Windows Sandbox :)
TIL about Windows Sandbox. Not a Windows user myself (it's the Year of Linux on the Desktop™!) but this sounds immensely useful for technical and nontechnical users -- sort of a super-disposable container with UI? https://learn.microsoft.com/en-us/windows/security/applicati...
>The first requires being able to overwrite binaries in the Swift tool directory.
Does it? Or does it need to be in the same directory you invoked ghidra?
Ghidra one is pretty weak, but I checked out the ones that were interesting to me (c-ares, libssh2, ffmpeg) and they seem to all work as of the latest upstream commit. Weird
A glance at the nmap one seems potentially high severity. It might be a nothing in practice, but it being around parser code means the chances of preparing something to jump around are pretty high.
There'd be a certain irony being able to reverse shell anyone doing an nmap scan. If i had infinite tokens i'd throw claude on writing an exploit and dig through the history who made it possible because - if we take a moment to wildly speculate and assume it can ACE - this is the kind of bug an intelligence agency would love to have: Add a few ipv6 packets that then edit the trace being observed if the observer uses nmap / get access to any researcher pc who uses nmap.
Wireshark dissectors (protocol decoders) are basically all written in C, and anyone sending packets can pick a dissector.
These kind of tools have always had a broad attack surface. I've assumed state level actors already have exploits for them, mostly based on when I've used such tools for mundane network maintenance tasks and somehow do something that triggered an old-fashioned segfault.
Went over a few of these with a pretty keen eye, and they aren't that particularly interesting. The Docker one is just a weird bug, it's not a vulnerability, and certainly not a "0-day" (which is a pretty loaded term and people expect bad stuff to happen).
The nghttp2 nghttpx one is more interesting, and could potentially be used for phishing, but it's very hard to line up properly because the request queue is non-deterministic so basically impossible to target a specific victim (assuming proxy traffic).
The VLC one is just a straight-up crash/bug. And VLC crashes all the time when using weird codecs, so that's nothing new.
Am I missing something here?
I mean, that's how people get hacked. If vlc crashed on my computer, and every day I should raise thanks to my gods that I do not use vlc, I would immediately unplug it and thoughtfully consider the circumstances under which it would be safe to turn it back on.
Right, this is why video parse / decode ought to be sandboxed. Writing secure code for these formats, especially in C, is really hard. I just sort of glanced at the bug in the repo, but it sounds plausible. It certainly wouldn’t be the first of its kind.
And it's my impression the code is often in assembly, which is even less structured.
> I mean, that's how people get hacked.
...when was the last documented case of an in-the-wild hack targeting VNC?
VLC != VNC
Oops! I was on my phone. I meant VLC.
>I mean, that's how people get hacked. If vlc crashed on my computer, and every day I should raise thanks to my gods that I do not use vlc, I would immediately unplug it and thoughtfully consider the circumstances under which it would be safe to turn it back on.
What are you doing on your computer where it is really a threat to you? I'm curious as to your specific use case :)
Do you feel the same way about seeing "Segmentation fault (core dumped)" in the terminal from some other arbitrary program?
If not, why not?
This is common in the hype era of AI models that can look for security bugs. An open-source project I used to work on that is basically "distributed code execution as a service" keeps getting reports that the job submission function is a vulnerability. The reporters don't even understand what the project does.
0-days-vibes-vulns? There should be a new category, for spotting and handling the em-dashes of this brave new world of vulns and making the old fossils like me only picking my head up for the old painfully still hand-crafted artisanal ones instead. A kind of label, like free-range for eggs, in sum.
Yes, big pet peeve of the new world. Every em dash is apparently an AI trigger. Back in my day, they were a sign of great respect within my people.
I might like to see a collection of pre-2022 em-dash usage—a subset I suppose of the Low Background Steel category (https://lowbackgroundsteel.ai).
You completely misunderstanding the comment feels like an AI trigger
I used to be an em-dash user, but now my opinion is that I’d rather be perceived as someone who does not want to be confused with an LLM. So I’ve changed my writing style.
They're just so handy! I do think LLMs tend to use them in a specific way, though.
So maybe tweaking your usage (ex. no spaces around them) or using a technically incorrect en-dash might offer the desired effect while subtly signaling that your message isn't AI-generated.
I still use them — mostly for pauses — but I'd like to think my voice sounds distinct enough from an AI that people can tell.
I for one am striving for clarity and couldn't care less about being confused with AI.
However I've only ever used regular dashes. How do you type an em-dash? Is it OS specific? I've taken to using Emacs insert-char with a list of frequently used ones in my scratch buffer. My memory for Unicode is unreliable.
Macs have a native way to do dashes: option- hyphen for en-dash and option shift hyphen for em-dash. On Windows there are some application-specific ways that make sense, e.g. in Office, but outside that you’re on your own and have to use the “hold alt and type the character codes” method! Or charmap.
Keyboard layout specific. Macs with their default English layout use “option-shift-dash” which is really easy to remember (and relatively discoverable, as such things go) which is why using proper m-dashes (not just double-dashes) used to be a strong indicator a poster was using a Mac, before LLMs took the character over.
On iOS you type it by pressing dash and holding until alternative options come up, same way you type e.g. accented characters.
You can also just type two "-" minuses on iOS. So "--" will auto-convert to "—".
Macs have two possible ways. If you have key repeat enabled, option+shift+dash. Some newer Mac users may have the mode on where holding a key pops up an iOS-style bubble of alternate options, in which case they will just hold hyphen.
> How do you type an em-dash? Is it OS specific?
On Linux X11 at least, you can enable the Compose key and then press `<Compose>---` which results in — and `<Compose>--.` which gives you –
“⎄---”
In emacs, c-x 8 RET prompts you for unicode character names (or hex) so for rare use you can just spell it out. There's also C-x 8 _ m for em dash and C-x 8 _ n for en dash. (Hit c-x 8 c-h to get a full list of those bindings, like any normal secondary map - they're about as idiosyncratic as the XCompose bindings, but you might find some of them "stick" in your head better (I personally like "C-x 8 1 / 2" better than "Compose 1 2" even if it's a lot more typing...)
I've only ever been using "regular" dash, a minus, for that. How do you even type yours? If I ever needed differently-sized dashes (and I don't know the difference between them) I always used wiki to copy them.
(disclaimer: I feel like this obsession with dashes is special to native English speakers, which I'm obviously not)
Depends on your OS. Mac is the easiest, it's just ---, Linux depends on your distro, if it uses KDE, it's <right-win>--- —. Windows is a little awkward, I think you need <right win>+the code point.
I have mac, typed this --- again --- and nothing? Layout says U.S.
edit: another comment gave a mac shortcut – — - <--- one of these might be it
silly specific: the minus sign is a separate character. The dash equivalent is the en dash (–), versus the larger em (—) and smaller hyphen (-).
The en dash is also used in things like scores (3–2 Turkey), votes (the bill passed 58–42), or connecting words where the second part is longer than one word (the Australia–New Zealand alliance.) You can remember the latter as, "a hyphen isn't big and strong enough to hold on to more than one word.
If you're on a mac, pressing Option+- is the en dash and Option+Shift+- is the em dash.
My first language is Dutch (Flemish). I didn’t even know there were three different dashes. The em dash is something I didn’t know exist, or were used, until llms came about. The hyphen is something we use when we make a list, that’s just the minus symbol right?
So em dashes are for pauses or highlighting things I guess? The en dash you explained in your reaction. Is there any other use for the hyphen except for making lists?
It’s an obsession with literature and/or typography nerds specifically.
Option-shift-hyphen types an em-dash, option-hyphen an en-dash. You can also hold the hyphen key (on a Mac or iPhone) and it will allow you to select either. Em dashes are used—like—this—as something spiritually akin to a parenthetical. En-dashes are used within ranges: Feb 14–17.
Only a small subset of native english speakers. Most don't use dashes at all, of those that do most just use minus for everything, some exceedingly small group cares about typographical details and thus distinguishes the different sorts of dashes.
It's an attention to detail thing that you'd definitely want to get right in a physical textbook or the like.
That's the same in my native language too I guess. It's used in books, sometimes in media, but not really in any casual setting I would say.
Code switching in the post LLM era.
My feeling is that my writing doesn't sound anything like an LLM, so if someone thinks I'm an LLM because I used an em-dash, that's on them. That, or I royally screwed up and need to do a better job as a writer. At least with today's LLMs.
> if someone thinks I'm an LLM because I used an em-dash, that's on them.
I'll go a step further: I think I'd rather actively filter out people whose AI detection is that naïve.
I now use "ASCII em-dashes" by using two hyphens -- like this. Or--if you prefer no spaces--like this.
Nah, I’ve started noticing people doing this replacement automatically in LLM output. I just try not to write with dashes anymore.
the nn dash remains the goat. the arg dash
Don’t you love when your arg dashes get autocorrected to emdashes? And by love I mean hate with the fiery passion of a thousand suns.
Agreed. On an iPhone that’s the easiest way to type an em dash and consequently the easiest way to fuck up trying to write out a command line example.
same, or I use a semicolon
I use a semistoma due to medical reasons.
semi-colon will have me thinking you've typed up your comment in Microsoft Word
I like the cut of your jib.
It’s fine to use em-dashes — just be srre to add typos.
You can also have the em-dash itself be a typo, e.g. using the figure dash ‒ (U+2012) instead.
I just use a hyphen. It's easier to type, easily understood and you won't be accused of using an LLM.
What is the typical motivation to start using em-dashes?
Why go the extra way to have a slightly elongated dash when a normal one would just as well do the job?
I might be conpletely off here but I've never seen a situation where using a normal dash where a long one should be causes any sort of syntactic trouble.
It looks aesthetically nicer. It was also a bit of a signal that someone took pride in their work and so helped that way. It's a bit like whether your tradesperson cleans up after themselves. Technically sweeping up the dust after installing a kitchen cabinet doesn't actually mean anything for the quality of the kitchen cabinet installation, but in practice putting the effort into the presentation correlates with putting the effort into the actual work.
I understand the sentiment with the tradesman example. I would argue that there are a multitude of ways to care about or take pride in one's trade and emdashing the floor is just one of them.
An emdash means something different than shorter dashes
https://www.merriam-webster.com/grammar/em-dash-en-dash-how-...
i mean why use punctuation or any capitals at all, why not just blast words out in a stream of consciousness so readers know how yr thinking why even bother with speeling things write
Just because you don't care to use the proper dash doesn't mean everyone else doesn't. People have different levels of caring about different details. For the sticklers, there's even a special code point for ellipsis, … rather than .... (Four being correct, as one is to end the sentence.) Personally I'll just skip — entirely unless I'm in a trolling mood, though “sometimes” the right quotes are worth using. Special characters are easy to type on a phone soft keyboard, taking a long press on the relevant key, or if you're using any other advanced input system, so they shouldn't really be considered to be the mark of LLM input.
The real trouble is that people doing engage with the substance of the post anymore, and just shallowly dismiss a post as being vibe written, as if that makes any points raised invalid. Anti-intellectualism's always been cool among a certain crowd. Shame to see it spread but ah well, the propaganda's working.
I think people who care about correctness and also read a lot automatically see the difference and it seems (and is) technically incorrect to use a hyphen where an em dash belongs. That’s really it. Kind of like you wouldn’t just leave out the apostrophes in your writing even though in most contexts they are not strictly necessary for comprehension.
Leaving out apostrophes isn't the same though, is it? If you leave out apostrophes you have syntactic effects while a (sortof)dash is still sort of a dash?
Its not exactly the same, of course, but its pretty analogous. It’s a minor, technically incorrect change that doesnt change meaning or understandability most of the time. Ive left out a bunch of apostrophes in this paragraph and Im pretty sure nobody will have a hard time understanding any of it. Yet it would bug me to actually write like this.
Because ASCII minus instead of dash looks ugly. It's like using zero instead of "o".
I don’t give a flying fuck what people think. Most colleges copied or adopted my (for a few semesters) school’s style guide, so LLMs are essentially copying me, and I won’t change my punctuation usage because they suck.
Yeah, I get it, they do suck. It all sucks.
But people at work who are copying responses from LLMs into emails to others also suck, and I want to distance myself from them as much as possible. I'm kinda hoping we will eventually have a wave of "what the fuck are we paying you for if you're just copying stuff from an LLM to Slack" firings.
This is a pointless and infinitely losing arms race. LLMs will learn to use hyphens instead of em dashes, and so what? You’re going to start using em dashes again?
Just focus on not producing slop.
At this point, I believe the LLM "style" is on purpose. Perhaps the labs want to be able to distinguish their slop from human content for future training; I don't know. But it feels very deliberate that they've kept the style so consistent for so long.
I agree. They're voluntarily adding fingerprints to images so I expect the default voice is intentional and it wouldn't surprise me at all (though I have no evidence of this) if the output text has a fingerprint stenographically embedded in it.
In a video of Hank Green, he interviewed an AI expert (if there even is such a thing), and he said that in the thinking part of the conversation, LLMs seems to use code language to communicate with itself, like in the usage and ordering of words, and such.
I think that there could be even more then a fingerprint in those messages.
It’s this video: https://youtu.be/5CKuiuc5cJM?is=9VQ1FCxY_X3eNm-b
Warning: They anthropomorphize a lot in this video, but I get it… the words exist, why not use them.
I'll take this opportunity to repeat that the natural language interpretation of thinking traces don't appear to be "real" by any reasonable definition. Even if they can at times be useful (at least seemingly). There's research demonstrating the usage of arbitrary symbols, even just repeating a single symbol, leading to a similar improvement in ability. This makes sense if you consider how the attention mechanism and KV cache work as the sequence iteratively grows.
Basically we optimize the models to produce output with certain characteristics but that doesn't mean that what we see is the whole truth or even that the relationships in the underlying system are structured in the way that we might expect.
The purpose of good writing style has always been to signal education and class. Well, your style no longer does. The future is now.
> The purpose of good writing style has always been to signal education and class
Sure, that’s why there have never been any authors that became famous despite being poor and deliberately writing with that affect.
Good writing style does connote good education, and in environments where being upper-class bolsters social standing, some people flaunt it to signify class, as they would with any other wealth signifier, like expansive shoes.
I am a union tradesman— the third generation to work in manufacturing in this area. Affecting an upper-class identity diminishes social standing in my environment. Having a lot of money, definitely doesn’t. My dirty work boots probably cost as much as many of the trendiest shoes on the market, and the guys at work know that and admire them… but my wearing them doesn’t signify class. Similarly, you can use good writing style in a way that shows you went to a good school and paid attention without wearing it like a Harvard Business School fleece.
The purpose of good writing style is to communicate more effectively.
Sometimes you’re trying to communicate education or class. Often that’s not the main goal.
> I don’t give a flying fuck what people think.
So all your writings are private, then?
Do you have a motivation to communicate or publish? You're posting here on HN, so I think so.
Why do you do think you do it?
Ok— I don’t give a flying fuck if people jump to the conclusion that I am an LLM. And that concludes my willingness to engage in those pedantic semantic antics.
They all say that, until someone that matters mistakes their writing for LLM slop and they lose something of value due to it.
Sure— I don’t do any professional writing at this point, so my stakes are a lot lower. If I work in a field where people care about what I write, again, then maybe I will. Complete sentences are often seen as unforgivably inefficient in my current position.
Sounds like a case of the Mondays, Mike Bolton
YYyeah… that’s definitely the correct reference, Bob.
I'm a secret invisible ­ soft hypenator. I like to break words in whacky places that change their meaning only when they need to be broken. Like Democ­rats.
https://en.wikipedia.org/wiki/Soft_hyphen
It's a perverted expression of hidden passive aggression.
I propose that humans use Unicode U+2E3B three em dash ⸻ it is an impressively long character.
let’s market it as “human dash”
And if it ever catches on with LLMs ⸻⸻ we just make it longer
Just write —(human)— to denote that a human wrote the dash. Just be sure to instruct your LLM to write —(LLM)— so readers know the difference.
> U+2E3B three em dash
I had to look up why this exists, and apparently it was added in Unicode 6.1 (2012) because some style guide required it, and using consecutive U+2014 em dashes isn't sufficient because that might not render as one continuous line.
https://www.unicode.org/L2/L2010/10037r-longdashes.pdf
Lets just use random number of dashes.
It’s so they don’t train on AI data, right?
I still use them frequently. On iOS you just tap the hyphen twice, and it inserts an em dash—sorta like that.
The question is whether the m-dashes are surrounded by spaces or not. The spaces are utterly maddening. But yeah, RIP the mdash, who would have thought.
The thing is, in lots of contexts you cant easily type em dashes.
Google docs will convert “—-“ to an emdash but simple text inputs wont.
So when you see one in that context you have to consider the explanation. They copy pasted an em dash specifically, they drafted in Google docs, they know the unicode keyboard shortcut, etc. None of these are safe assumptions. And if it’s markdown you know it wasnt drafted in Google docs.
Those aren't even em-dashes and yet there's a huge thread talking about them.
It's interesting that Claude also over-uses en-dashes. It's very willing to create compound-noun-phrases, especially in that compressed-summary-paragraph it often writes. The 0-days-vibes-vulns that started this thread looks a lot like that, but it could be Claude directly, or just Claude's style influencing people who spend too much time with it.
Those are just hyphens, actually. En dashes are for ranges (e.g., 1–4, which is admittedly hard to distinguish from 1-4), not compound words. Point stands though—LLMs do love compound words and dashes in general.
..."and for the love of God, don't use M dashes when you write it"...input goes on for an hour droning about slop...
Are they all actually 0-day? I think a lot of them are from disclosed CVEs/code that were already fixed upstream. It often seems like the term "0-day" has lost most of its meaning today and people often use it to refer to any exploits.
Repo claims
> A single archive of public exploit PoCs and vulnerability research writeups. At the time I post these, none have been reported. Feel free to report them yourself and take credit for the CVE if handed out lulz. Please do not abuse these. I do this so to allure people into the field, and I've always found this is the most efficient way.
Which is roughly the definition of zero day. Whether the contents of the repo reflect the above claim is something else entirely.
> Please do not abuse these.
Reminds me of Jamie Wolf's joke about bestiality laws. Who are those for? What stops most people from bestiality is… not wanting to have sex with animals! For people who do want to, what, they won't because of… the law??
Who will this comment stop??
If it stops even just 1 person once, isn't it already worth it?
We slaughter animals millions by the day in an industrialized fashion. I'm sure they'll feel much better that even singular instances of sexual harassment are officially not ok on paper.
As a very general statement, there's a cost to having laws exist. A law that stops one human-scale action ever is very unlikely to be worth the overhead.
The laws are to punish the act once discovered. Not to inhibit it, primarily. Which I suppose cuts down on the incidence of the act in the long run,
That’s one school of thought. Law as a tool to punish those who have committed a prohibited act, mostly reactive.
Others consider law a way of encoding the group’s existing rules and norms.
In that view, making something illegal or mandatory is not a prerequisite for punishment: it’s the actual main point.
The threat of punishment is meant for those not deterred from an act by the simple fact it is illegal (and the threat only works if enforced).
Others put it the other way around, and see law as social engineering, a way to shape the group, either through the encoding itself of the desired behaviours in law, or through deterrence. Or both. If what one is after is either power or legitimacy, they need compliance more than punishment (can’t rule once you’ve chopped everyone’s heads off, or once the mob has put yours on a spike).
It’s also sometimes used as coordination (which side of the road we drive on).
And there’s also law as dispute resolution (if your neighbour’s hen lays an egg in your garden, who does it belong to? Yes, it’s ridiculous. Yes, some places have one or more laws for that). Which, incidentally, both requires and provides legitimacy. Funny, that.
And probably many other kinds / points of view, with many different purposes, intents, and mechanisms.
Anyway, all that to say law is vast, fascinating, and utterly tedious. And apologies for the tangent.
> Law as a tool to punish those who have committed a prohibited act
You're thinking of criminal law. And it's not just some group's rules and norms - there already exists familial or social group punishment for that. Criminal law is prosecuted by the State. It's the code of conduct of the society you exist in.
If you want a thought experiment for what life would be like without organised society, read Leviathan
Hence why we accept State governance and law (to a greater or lesser extent, obviously people protest specific laws and injustices and what's on the statute books changes on a regular basis), because the alternative to law is "nature", aka bigger-army diplomacy. Anarchy doesn't free people, it only gives freedom to those with existing power to disempower others. Those with superior power will simply rob, rape, kill or enslave everyone else.
States exist to secure their territory from those sort of external threats, and incubate an economy inside their borders, which aspires to bring wealth and happiness. The criminal law is put in place by those with the monopoly on legitimate violence, often encoding the views of the population, to keep their society running.
Either the fear of the consequences of breaking the law, or that the most effective way to reduce crime is to remove criminals from the population so over time these people being in jail or worse decreases the crime rate. They don't have to care about breaking laws in the abstract for the law, properly enforced, to reduce crime.
Those seem like two different scenarios though, right?
The point of beastiality laws are to give society some recourse to punish people who abuse animals.
There was a very famous case back in Washington state back in the early 2000s where a group of men were sexually abusing horses. It was uncovered because one of them died, and the other could only be charged with trespassing because it wasn't illegal at the time to sexually abuse animals.
Animal abuse is illegal in general. A specific law like this steps in in cases where the animals aren't harmed.
> in cases where the animals aren’t harmed
What an odd thing to say about the sexual abuse of an animal.
I don’t think the semantics are very important here, I think it was clear I'm talking about sexual abuse specifically without this odd clarification.
You cited a specific case. It's not odd at all in the context of that case. The professionals in charge of enforcing the law decided the animals weren't harmed.
> There was a very famous case back in Washington state back in the early 2000s where a group of men were sexually abusing horses. It was uncovered because one of them died, and the other could only be charged with trespassing because it wasn't illegal at the time to sexually abuse animals.
What I said, verbatim, about that case.
What part of that is incorrect or warrants clarification, exactly?
Using the legal definition of "abuse", yes it was illegal to sexually abuse animals. Their actions didn't qualify. That's what warrants clarification here.
I appreciate your definition of abuse here but it's confusing in a discussion about legality.
> yes it was illegal to sexually abuse animals
No, it wasn't. The laws are quite explicit about what "abuse" means, and if you take a gander at most laws (including Washington state's circa 2000 or so) in the context of animals it usually explicitly refers to physical harm (for example, mutilation) or improper living conditions. Charging them under Washington's existing abuse laws would've required the animal to be physically injured, which it wasn't. It's quite literally why they had to pass a new law.
I don't know why I have to explain this, but:
1) Sexual abuse can occur without physical harm or injury.
2) Beastiality is sexual abuse.
#2 can be split into two sides, and not everyone believes one of those is sexual abuse.
Edit: Removed video link because the second half was gross and unrelated. May try finding another clip, but the first half was of Cenk Uygur from The Young Turks about a decade ago saying he'd legalize cases where the person pleasured the animal.
Edit2: https://www.youtube.com/watch?v=6QUUcQqBkJA
I'll be blunt: I don't really feel the need to argue about that point. It's sexual abuse.
And my point is that sexual abuse is a subcategory of abuse.
You didn't imply until now that I was wrong about animal abuse already being illegal. In that case, a bestiality law doesn't fix the actual problem, right? It's a band-aid partial fix.
I'm not sure what your point is, to be blunt. It seems like you wanted to make some weird argument about the semantics of the word "abuse", and are now implying one of:
1) Beastiality isn't sexual abuse
2) Beastiality laws are pointless because it was already illegal under existing abuse laws (it wasn't, as we've repeatedly discussed)
3) Sexual abuse requires physical harm
all of which are pretty gross (1,3) and/or pointless (2). I don't really feel the need to argue any of this any further, so I'll leave you to it.
Well, it's a joke because the problem becomes apparent after you think a bit about it. The exact same reasonig can be applied to anything illegal, criminals are criminals because they don't respect the law, so you could try to say that laws are useless. Reality is, if something is illegal not only someone can be punished after the fact, but in some cases also preventive measures can be taken.
Regarding the comment, it isn't going to stop anyone. Most people will not do cybercrime because they're honest. Of the remaining, the risk of being sentenced to jail time will instead stop some people, even if not all of them.
I mean I do actually think laws are basically useless. Good people don’t need em, bad people don’t listen to em.
I guess “bad” is excessive. I regularly observe traffic laws with less rigor the your average police officer would prefer.
As you're basically saying, the world isn't black or white. There's also a category of people that needs an incentive to behave. Also, without any laws, it would be problematic to punish "the bad guys". At that point, what you can or cannot do would be only a matter of relative power: who is stronger can do whatever they want to weaker people.
This is how it's always been. The law just produces another axis of strength that is easier to gatekeep.
Technically there are distinct crimes where we know that shifting penalties changes what happens but the impact tends to be on organised crime.
The jury, maybe.
> Who are those for?
The people who want to see the people doing bestiality punished
I don't want to "see" any of it...
As well as those who don't wish to be blessed with Herpes-B from somebody who thought it was a good idea to engage in unsafe sexual activity with other non-human primates
>What stops most people from bestiality is… not wanting to have sex with animals!
The main issues are that it's potentially really harmful towards the animals, depending on act, and a vector for zoonotic disease transfer.
If you're going to do it, do it right, and accept that you're probably going to end up with some system transfer you didn't necessarily anticipate.
RCE has no meaning either in these situations. The "remote" part is usually an ssh root session if it means anything at all.
AI is always a bit eager to report everything as an issue because the "number" of findings is seen as a measure of it's intelligence. Same happens with code review as well. It reports lots of non-issues. I suspect even Mythos output could have the same bloat, and the number (instead of severity) of the issues it reported could have scared people.
This is not what I heard from folks who worked directly with mythos. I was told that the vulnerabilities it generated were largely real and meaningful.
I'm an OSS developer and I've received three "CWE" alerts in the last two weeks. While they were all valid, they were for very trivial things like "this debug logfile could overwrite a file if it were a symlink" and "if a user is able to put OSC screen codes into the Git output they could write arbitrary data to the screen"
These AI models are making *everything* sound like an exploit. Not sure if this is good for the ecosystem. It makes me question everything that comes in more carefully. Is this a real exploit, or someone farming for karma to claim "I opened 39 CWEs in the last week. Hire my 'security' company to audit your code."
There is going to be a flurry of this sort of stuff as the AIs get smart enough to find them. It will naturally die down as the legitimate ones are fixed. Yes, there will always be some level of this, but I’d expect it to be low and the exploits found to be increasingly complex. This is a time of transition.
> It will naturally die down as the legitimate ones are fixed.
Seems like we're already in the middle of this phase, but rather than dying down, the 'reports' have just gotten more noisy and obtuse, making it more difficult to establish the actual degree of threat / attack vector.
And if you are a state agency who'd like to keep the undisclosed zero-days you rely on secret, spamming maintainers with reports makes sense.
As a bonus if you find any actual zero-days in your mass-generated ones you don't report it and get a new one to play with.
I mean. Makes sense until adversary states start walking through the same doors you’re using. At which point you might regret that maintainers are too flooded to deal with it.
Assuming, of course, said state agency is operating under sufficiently strategic governance and management…
> a flurry of this sort of stuff as the AIs get smart enough to find them.
I really think this characterization is misleading. It's not "getting smart", only more tailored toward a specific usage, better curated dataset, better harness, better prompts, better labeling of results, documentation of failures and success, etc.
The outcome is (hopefully) overall better but this anthropomorphized wording makes it sound like AI itself is somehow changing or evolving. No, both academia doing fundamental research, industry making it available commercially, and finally security researchers making the entire tooling and process packaged as a service are actively shaping it to make it better. There is no "it".
Yes, of course. I’m definitely anthropomorphizing as a shorthand. I’m the first one to say that these models are just a lot of matrix math.
Do you have a definition of "smart" such that there is something an AI could do to prove itself intelligent?
Or are you just defining "fast" as something only horses can do, and considering that a useful insight about cars?
A future AI may be intelligent, but LLMs are clearly not. They have no agency, no ability to reason, and no world model. The most effective way to use them is to treat them as next token prediction machines, because that’s what they are.
edit: downvotes but no rebuttals. feel free to show me where the agency, reasoning from first principles, world model etc exists. or you can ask an llm and they'll tell you they don't have those.
I think you are giving the word "smart" a meaning or implication that it no longer has or is used with. It is common to say Google Search or Siri got smarter/better or dumber/worse, so I don't see saying LLMs getting smarter is any different.
Honestly execution complexity is over time becoming a lower and lower barrier too.
> It will naturally die down as the legitimate ones are fixed.
Every software update introduces and reintroduces them
Perhaps, but as the AI analysis becomes part of the release process (or even the CI process as prices fall), you’d expect those new issues to be caught before release and fixed. We’re seeing them caught post-release for now because the code is older than the AIs, so we’re catching up.
Looks like someone is running one of the LLM models and publishing the results. It looks that way because there is a really wide mix from things that are silly "replace system binaries to run arbitrary code!" to things that could be legit. That is kind of par for the course when you ask an LLM to 'find an exploit and write a PoC' kind of prompt. Presumably if you train something on the last 15 years of Metasploit[1] reports it can find the same bugs that people have written into new code.
[1] https://en.wikipedia.org/wiki/Metasploit
Pretty unimpressive as security vulnerabilities. It would be better to just say these are simple bugs for the most part.
all vulnerabilities are just bugs.
But not the other way around, which makes them different.
Actually, Mudge of the l0pht (and later DARPA) once famously made the claim that all bugs are security issues waiting to be exploited in some way (I’m probably paraphrasing). I kind of agree. Although, the bugs on this dump are indeed mostly pretty lame, which is exactly what I’ve seen you get a lot of when you let an llm go bug hunting with no human vetting and confirmation in the loop.
It’s possible/likely that whomever is running this experiment is keeping the non slop bugs to themselves. It’s probably what I’d do.
Such claims can both be true and pointless. For those of us who have to decide what actions to take, there is a point in differentiating between bugs and vulnerabilities, and breathlessly proclaiming "we found a vulnerability but we don't have an exploitation vector or proof that there's a meaningful security consequence" is annoying and likely to get the proclaimer ignored in the future.
The context in which that statement was made, and in which I’m repeating it, I think, is just to say that any bug has the potential to be used maliciously. Ignore it, fine, but also don’t overreact to the intended message…
Peiter Zatko profits, personally and professionally, from conflating the two. Making such bold pronouncements is a way for him to stay relevant.
Also, I've known some thoroughly unimpressive people who have affiliated themselves with DARPA. I wouldn't use it as an appeal to authority.
Vulns are a subset of bugs. What the above commenter is saying, is that some bugs don't belong to this category.
I disagree. That FFmpeg code execution is absolutely nasty
Maybe I'm missing something but the ffmpeg buffer "exploit" involves passing a custom exploited buffer callback to parse a RASC file that presumably has been crafted to contain a packet that can exploit the custom buffer passed in? I don't see how this would be used in practice in the wild as to achieve the first step (custom buffer invocation) would require you to already have access to the machine to even invoke ffmpeg with it?
Like yes there is a heap OOB issue in an incredibly old file format, but without already having arguably compromised access to a machine, exploiting it for RCE seems impossible?
The custom get_buffer2 path is not something the attacker needs shell access to invoke. It is a normal public libavcodec API used by applications embedding FFmpeg. The attacker’s input is still just the crafted RASC/AVI media. The target application invokes FFmpeg/libavcodec during normal media processing. The PoC uses a custom buffer provider to make the heap layout deterministic and to place a demonstrable callback pointer next to the decoded PAL8 plane. That proves the bug can redirect control flow in a valid libavcodec decode flow. It does not mean the exact same file will pop calc under stock ffmpeg -i everywhere, but definitely not impossible. I popped a few shells today with it on a few websites for testing purposes. Reported it to them all, of course.
Reminds of the message in the The Anarchist Cookbook before one the recipes that essentially said: "This is really dangerous, don't ever do it, here is how you do it."
The old book didn't say "... maliciously." though?
I also have a library of bugs I found using Claude Opus 4.8 through the Customer Verification Program. Undisclosed, Atp I dont even know if they have been found by someone else. But just like this repo
Theres a bunch of very specific scenario DoS bugs, buffer over/ underflows, that will get caught by ASLR and whatnot
When I report serious ones, mostly the devs will respond with something like, yeah, thats how we designed it in a dangerous way, so that the layer above or below can solve the issues, and other footgun stuff.
Bugs are bugs security vulnerablities or not it's good for open source project when someone actually goes through the code even if it is with an llm. As most people assume someone has gone through the code when it might not be true.
I want to rush to git clone, but as things are, the odds are extremely high that this kind of things that are too good to be real are honeypots and something there will compromise your machine or make your llm start working for someone else...
Then, don't rush and take a few minutes to set up a virtual machine.
What about all the virtual machine zero days?
Buy a VM in the cloud?
You can just download the zip over HTTPS
Most of the exploits are for opensource/free software.
I don't know what methods where used to find these exploits but I am starting to think security through obscurity might not be a bad thing in this day and age, where someone can just let bots loose on your codebase.
llms are fantastic disassembly partners, they're quite good at labeling functions from various dissassemblers -- the net losses from losing the benefits of open source , imo , outweigh the protection afforded by hiding your source code in yet another layer that is more and more easily unrolled through automated procedures.
disassembly only applies to client side software
something like nginx could arguably be more secure if it was closed source
(I am a proponent of and contributor to open source)
Only until a single server running nginx is hacked and the binary leaked though...
Um, the nginx binary would have to be in the hands of hundreds of thousands of server operators. And the set of server operators is rich in the kind of person who would attack it. Not to mention the huge number of leaks you'd get.
Maybe if it's some server-side software that you only use yourself...
And isn't it also mostly a transitioning issue. Those open codebases will be constantly scanned for potential security issues and getting more and more hardened. There are probably a lot of easy wins that are going to be discovered over the next few years but it should taper out after a while.
Fair point but it assumes we all have access to LLMs with the same capabilities.
I don't think that's exactly it. OSS only needs someone to have a strong LLM to check for bugs. If your software is proprietary, it's a competition between just you and whatever model you have vs any attacker and whatever model they can lay hand to.
I don't see the difference.
> OSS only needs someone to have a strong LLM to check for bugs.
The same applies to propietary, closed-source code. It being closed-source means that the source isn't generally available, but the executable is. Hence, someone with a strong model can still reverse it and find vulns.
I was thinking the only obscurity now is when the program is sitting on the other side of a network. (And has very strict rate limiting?)
Open source is a good thing, but I don't think what you are proposing is accurate.
A different way to frame this would be that those bugs would never be surfaced or exploited if the software were proprietary.
Presumably, one could let the bots loose on your own codebase first. The question is one of financing of course. If your end users are enterprises willing to pay for a support contract, they probably care enough about not getting hacked to endure the higher prices that would let you throw enough tokens at the problem. Other open-source projects might have a harder time.
> I don't know what methods where used to find these exploits but I am starting to think security through obscurity might not be a bad thing in this day and age, where someone can just let bots loose on your codebase.
I'd love to hear why you think obscurity is bad, if you now think maybe it's good in the LLM age?
I'd also be interested if you could describe exactly what or how you think security through obscurity works, or doesn't?
I've been thinking a lot about how to better teach this concept, so I'm looking to understand exactly how everyone thinks/understands how it currently works, or should work, or what it should do. I don't care about the "correct" answer, (I have ddg too :P) I'm interested in general expectations from SWE's that I might teach at work, instead of opinions of security eng speaking about theory.
"one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them" - Claude Shannon
https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle
If you believe this, then why did you say?
> starting to think security through obscurity might not be a bad thing
Because of asymmetric differences, I don't have access to powerful LLMs but attackers might. And also the complexities of software dependencies (supply chain vulnerabilities), my software depends on packages not in my control and I don't have time to audit the entire stack.
Perhaps the answer is to depend only on packages that come from people that are more competent than you so you can know if or when your program is compromised that it'll most likely be your fault and not theirs.
Security through obscurity can make something a bit more secure in practice by annoying an attacker IF AND ONLY IF you're not relying on the hidden information remaining secret in order to the system remaining secure. E.g., if you're using a broken cipher and assume this is ok because no one knows which cipher you're using, you're gonna have a bad time.
In the case of FOSS software, it is generally recognized that the small advantage of keeping the source secret is far outweighted by the contributions and vuln reports you get if you publish the source.
I think LLMs might actually have a bigger effect on closed source software - the tedium saved on open source bug hunting is significant, but on closed source software the tedium of finding bugs is extreme because of all the reverse engineering, but LLMs will chew through that. So there's probably a lot of low hanging fruit.
Looks like a bunch of re worded copies of existing CVE and a few new lower severity things. I only call them low sev because they seem to require the user to do things that are already inherently dangerous. Just my 2 cents from a quick scan.
Edit:
To be clear still interesting finds. I think with some chaining some of them might be more severe. Like the ovpn one and windows potentially registering vpn app as default open or some protocol opener for a url location like openvpn:// in an I frame and some clever social engineering. Just a random thought
Yea, that's what's confusing. some of these are like lower level slop but some are like genuine criticals.
Floci, libssh2, c-ares, FFmpeg, and the PHP one are all LEGIT./
The Ghidra one for example, not so much. I cant help but wonder if this was halfway completed research folder and they just published it as is
I wonder if LLMs can tell the difference. Maybe it's like back in the day when you had to add "+good -bad" because otherwise it wouldn't know you wanted it to be good.
trying something new? this is interesting. the problem is that submitting reports is too slow. if you find one then your not supposed to share. but then over the next 90 days you learn no one cares and 13 other people submitted it before you, 43 after. maybe better that we just know. so we can run code we can trust sooner. zero is the proper number of dependencies. otherwise assume its broken.
I'm going through each one, and it's fascinating to see things like this. The UAF principle in c-ares is really interesting.
The problem ultimately came from not being able to prevent stale pointers. The attack works by figuring out the size of the stale pointer, then spraying memory with data of the same size, and finally achieving RCE (Remote Code Execution). How do people even come up with ideas like this?
But do people actually find these vulnerabilities on their own, or are they using LLMs? I was curious about how these vulnerabilities work, so I tried asking my dear friend Mr. CLAUDE, but he immediately threw an error and ended the session because it was a cybersecurity question. Enterprise APIs block even the analysis itself, so it's amazing that people can actually pull this off in practice.
I imagine this is a large open model like GLM5.2 etc
If you want to chat with Claude about this, I'd recommend using Opus 4.6. IME it's happy to talk about (and even write) PoC exploits
People have always used tools. Some people have better tools than others. I guess the line is thin whether they found on their own or not.
le sigh, c-ares. Very predictable outcome. If you ever find yourself entertaining the idea that you will simply write non-blocking network protocol stacks in C with manual lifetime management, slap yourself. It doesn't matter if you think you are a super genius of unimpeachable taste. The job is impossible.
Thank goodness I use a GC language
cool to see rustdesk. low level memory bugs were long mysterious and i think often received most of the attention for this reason, but always fun to see reminders that "nope, good ol' fashioned logic bugs in high level languages have security implications too." if anything, i think they sometimes are more clever as they require deeper understanding of what the code actually does, intends to do and what was overlooked rather than the common set of bookkeeping errors that are often the root of the memory bugs.
I will consider it legit when in next 24 hours MSFT blocks it.
A surprising amount of documentation if the actor was just LLM-dropping these..
Why is that surprising? LLMs can churn out arbitrary volumes of "documentation" in an instant.
This was sarcasm, meaning exactly what you wrote.
I can't see how it could possibly be read as sarcasm.
That seems trivial for an llm to provide.
we have got to stop putting our bank accounts and SSNs on computers
... support cash, tell your neighbors
til you get debanked
Cash doesn't require a bank.
Banks are kinda useful to avoid getting robbed all your money, on a regular basis.
Many French people with crypto money experienced that the hard way recently.
do you have links about the french people?
Sure, here are a few links. Use your favourite translator.
In short, it's a very active and growing activity. Many data leaks helped people to identify wealthy targets. Some just brag about having crypto.
https://www.lemonde.fr/societe/article/2026/04/24/enlevement...
https://www.franceinfo.fr/faits-divers/cryptomonnaies-la-vag...
https://www.lemonde.fr/societe/article/2025/08/19/l-ascensio... (paywall)
https://www.slate.fr/societe/enlevements-lies-cryptomonnaies...
Some random recent ones we know about:
https://france3-regions.franceinfo.fr/grand-est/haut-rhin/mu...
https://www.leparisien.fr/faits-divers/renseignes-par-des-ha...
Kinda does?
Doesn't at all. You can take cash, keep cash and spend cash without any bank being involved. Cash is more anonymous than crypto and (if it's USD) accepted just about everywhere.
Banks give you an advantage with transaction security and deposit insurance, but that's dealing with money and not cash.
And Monero for online.
We need our infrastructure to stop treating bank account numbers and social security numbers as secrets. At least in the US, bank account numbers appear on physical checks and are required to be shared in order to do an ACH transfer, and a social security number is not supposed to be used as an identifier (unless to the Social Security Administration itself) or as a secret password.
Ideally, nothing nefarious should happen if both of them were listed and queryable publicly.
It’s quite ridiculous that we haven’t been able to build a modern identification system capable of replacing SSNs in the last 30 years.
SSNv6. It will take 20 years for a 50% migration
Hang on, can you actually do something nefarious with just the bank account number?
If someone has your bank account and bank’s routing number (which is also not secret), they can make fraudulent ACH transfers and payments from your account. Of course it will most likely be caught as fraud some time after the fact, but just those two bits of not-secret info are enough to grief someone.
And both numbers, plus your name and address and a convenient sample of your signature, are on every check you’ve ever written.
I suddenly feel very clever for signing everything with “Shamu T. Whale”
Knuth had to stop sending real checks for errors spotted in his books because they would post pics of the check and thieves abused the account https://www-cs-faculty.stanford.edu/~knuth/news08.html
AFAIK that's US thing. In normal countries bank account numbers are not a secret. The worst thing that can happen is someone sending you money.
Yes but there are steep penalties for bank fraud so it is not especially common
Firewalled VM, locked-in keyboard/mouse, 1 query to any agent and it's setup.
You all need a better system than US SSNs
You can buy your SSN for $6-$10.
I’m sitting on a 0-day rce on the tizen browser (smart tv)
Didn’t bother submitting since who actually uses tizen?
Mythos has been achieved internally
> At the time I post these, none have been reported. Feel free to report them yourself and take credit for the CVE if handed out lulz. I do this so to allure people into the field, and I've always found this is the most efficient way.
I've been a skiddy, he would have believed this. Thankfully, I've grown a bit, and can see this for the transparent, "I'm angry and want to hurt others so I will feel a little less alone", it actually is.
I'm sorry you're so angry dude (me too), but as someone who's joined the blue side, we'd appreciate it if you gave us some kind of heads up, the bad guys generally have a lot more time to scroll for new payloads than I do. Not all of us deserve the kindness of a heads up, but every single one of our users deserve it. Don't punish them because you're mad at someone else.
You can flex on the idiots you're trying to flex on, without hurting people. Even an email to security@[that_project_domain] saying "hey, I've published these" would move you from the group of people I see making the world worse, into the group making it better. (You don't have to, obviously, but making the whole world worse wont make you less angry.)
While i can follow your path, maybe because i see the same, i sadly have seen in groups of friends how this can go sideways very fast. If you report things, some companies gone treat you as a criminal/offensive actor and even go legal actions against you even you just tellem here you got this vuln.
Sure you than can do it anonymous and so on but point is : its not like every actor that gets notified will react thankful to it. Some even just ignore it.
How bad are your security practices that these tiny obscure things matter? None of these findings that show up here on HN should even make you flinch. The alarmist takes on this stuff is fucking exhausting and I'm tired of security teams bugging me about it. Do your job and this shit doesn't matter AT ALL.
I said "doesn't matter" to someone once... the resulting lesson came in the form of a reply from the whitehat researcher (waves, hi brian!) a 16step exploit chain resulting in a one click full account takeover.
I'm equally annoyed and over the alarmist takes. But I don't think it's fair to group mine into it. I'm annoyed at seeing discard respect for others into the same void everyone is happy to toss quality.
Do these tiny things matter? No, not to the default-panic-level everyone adopts when they see 0day, or CVE... but duh, I'm now just repeating exactly what you already said. That no, for the record is mostly because I don't use any of these, not just because they're boring exploits. While I always look, I default assume anything CVE is boring/pointless. But I still read them.
But then, I'm not trying to convince the owner of the repo. I'm trying to discourage the theme among researchers that "no one cares", because I have seen researchers disclose bugs publicly, that we'd be eager to pay out on, because they disagreed with the decision on their last report.
I've fixed bugs being actively exploited against our users, that was found/fixed only after a whitehat report for something adjacent (we pay on those btw, and you should too). I don't wanna live in the world where it's easier for the bad guys, the only way we get there is once "everyone knows", you gotta report the all bugs that you can turn into an exploit. I don't want "the whitehat researcher culture" to move towards, who cares' dump the PoC on github, screw anyone that could be hurt by the bad guys, they deserve to be punished for the incompetence of others. SWE's are shit at security, security researchers are shit at SWE, the only way we get the good outcome, is if they're willing (and encouraged) to work together.
That’s a whole lot of “we” to not mention which company you’re at that supposedly plays well with security researchers/has a proper bug bounty.
Even if the company doesn't have a big bounty publishing exploit code without warning them is unethical. Moreover, a lot of these projects are FOSS without a company which could pay bug bounties.
I say we, intentionally not naming the company, because 1) doing so tends to turn off people's brains and they default assume everything $company does is the correct way, but if I say something stupid I'd rather someone tell me, instead of assume someone at $company must know or couldn't possibly know. 2) I say we, because I'm speaking for myself, (and maybe a tiny bit) for my 2 friends still running the BB program at what possibly should describe as my former company, but then I've always exclusively been speaking for me, not about them...
So I'm still not gonna name them, it wouldn't be hard to figure out who they were, with a likely-trivial amount of effort if feel the need to know... but if you'd rather, I'd encourage you to imagine I work at the worst company you can name or imagine, so you can use that to discard anything I've said. Because I'd rather be judged on my argument, not who hired me that one time.
Then say “When I was at my old school” - not “we”.
No thank you.
I meant it when I said it intentionally. I still run BB programs the same way, and expect others to behave similarly. Funny enough I was just talking to that friend this week, about the BB program. Nothing has changed so given my friends still follow the same pattern at that company... We is more accurate. Sorry it bothers you, but not everyone is you.
Nothing you said (in isolation) is “bothering” me,
but the ridiculous contradictions in what you’re saying are difficult to ignore.
You went from implicitly speaking for a bug bounty team,
to not speaking for one (but sort of your colleagues?),
to now unabashedly speaking for TWO bug bounty teams
…without even naming an industry?
No one is doing 16 step exploits unless you're a huge target in some way. 0.0000001% of companies fit that bill. And even then, ok, what did they get? An account login? What are they doing to do? Read email? Then what? "Use it for social engineering"? Who cares, you have MFA right? You have a firewall? You don't allow people to randomly jump from box to box via RDP? You have basic security and auditing on your fileshares? EVEN THEN, what, they get a spreadsheet from your last town hall meeting? I'm also tired of pretending that 99.999% of the data in a company even matters. Unless they have some way to cryptolock your whole company, AND you don't have backups/snapshots without any basic access security, there isn't a lot of value to be taken. Security "teams" are a bunch of fucking busybodies with nothing to do. Pay for a competent admin team and the security dept is completely redundant and useless.
> No one is doing 16 step exploits unless you're a huge target in some way. 0.0000001% of companies fit that bill. And even then, ok, what did they get? An account login? What are they doing to do? Read email?
Account take over of a user account. I'm pretty sure I could sell access to the DMs of a few popular people for 100x what we paid out for that report.
But also, I'm pretty confident that this researcher delivered this exploit because I'd said that there was no way he could use it maliciously, not because he wanted to be paid. Then, once I made that critical error in judgement by questioning (rejecting) his assertion in his report. He, like most hackers, being insulted by the idea, was then required to restore his name and reputation. There are the people who only go after targets that they can confidently make money off targeting... some of us care more about reputation than money, and will die on any hill when our reputation/work is questioned/doubted.
> Security "teams" are a bunch of fucking busybodies with nothing to do. Pay for a competent admin team and the security dept is completely redundant and useless.
Lmao, tell me you don't really understand what goes into getting functional systems/corp security without telling me. I don't even disagree with the point you were trying to make. You're absolutely correct! If you have a competent admin team, you don't need a dedicated security team. Unfortunately, as I live in the real world, where most people are incompetent, it does help to have a dedicated security team. Especially considering if you were an admin who is competent, you could make 2x as a security engineer, which normally keeps all the competent people out of admin, and thus requiring a dedicated security team.
I don't know why you're mad, or why you're arguing it at me. I'm pretty sure I already agree with most of your points... the only one I might disagree with, and only then because you're arguing at me for some reason, and that makes me think you probably disagree, with the important point which is, we're all on the planet together, you're not required to help me do my day job, but as an industry, both security engineers and security researchers, we need to remember that we're actually on the same side, and we need to aggressively resist returning to the us vs them mentality that we're just barely starting to escape from. Case in point, it appears to me that you think complaining about how security people are useless and CVEs don't matter, as a much more important point, than complaining about obviously irresponsible disclosure.
User/admin discretion for software they use should be a big factor, sometimes getting burned is how you learn to play with fire. Or decide that having your data/participation disrespected means you need to set harder boundaries. My solution is to try things in isolation, run very few services, try to avoid becoming dependent on the online, appreciate the offline and local first.
>I've been a skiddy, he would have believed this. Thankfully, I've grown a bit, and can see this for the transparent, "I'm angry and want to hurt others so I will feel a little less alone", it actually is
Please name the "victims" here.
I'm genuinely curious, have you ever had actual, direct threats to your safety before, as a person? As in, murder, torture, false imprisonment, or other __likely and credible__ threats of grave bodily harm?
> but as someone who's joined the blue side
Are you somebody who separates "cybersecurity" from say: military intelligence poisoning one of your employees, sending them to a hospital which is already compromised, before sending back their new asset into your very "secure" company?
I get the sense that folks here are assuming this could be the work of an AI practitioner or bot dumping a bunch of exploits. Assuming there are some serious exploits in this trove, what would the motive be to do it in this way - without reaching out to the various code maintainers in some way?
Those all are fake AI gen text.
oh-days for days
A friendly reminder that a 0-day is a vulnerability that wasn't known until after a malicious actor exploited it. If someone publishes a PoC, it is not a 0-day, just a vulnerability.
No, the days start counting from the availability of a patch.
I was thinking that the other definition was right and this correction was wrong.
Then I did some searching and found multiple examples of both definitions in use, making things murky.
So I turned to Merriam-Webster’s dictionary: “ of, relating to, or being a vulnerability (as in a computer or computer system) that is discovered and exploited (as by cybercriminals) before it is known to or addressed by the maker or vendor”
And of course they use an “or” to make it ambiguous as to whether the days start counting when the vulnerability becomes known, or when the vendor has addressed it.
what if a path is never released?
I've only heard it used as Retr0id's definition.
> A friendly reminder that a 0-day is a vulnerability that wasn't known until after a malicious actor exploited it.
No, the full name was always "zero-day exploit". The number 0 refers to the days between the vulnerability being known by the vendor and the public availability of the exploit. So the vendor has zero days to create a security patch before the release of the exploit.
The term "zero-day vulnerability" is a derived term to refer to a vulnerability affected by a zero-day exploit. Similarly, a "zero-day attack" is a derived term to refer to an attack carried out using a zero-day exploit.
I think people may miss the point of a repo like this. Individually these are small puzzle pieces that can't do anything. Put them all in one place and it becomes easier to pick up pieces and try them together to see if they fit and build something bigger. Get enough pieces to fit together and you actually have something. This is the 'FOUO' idea in security. Enough open information gathered together in one place crosses the boundary from 'just public info' to 'secret stuff here!'. Now we have automatic puzzle solvers (coding assistants) a repo like this becomes a lot more meaningful.
Yep and typically none of this is meaningful unless you have no security practices at all. You can't have it both ways. Every security team says these things are all critical even though, for example, it's only being used internally. Cool, so you somehow have our network cert, are on site physically, have compromised a laptop fully without all of our tools detecting weird shit, have a password, admin access to the repo, somehow are spoofing MFA, etc etc. Yeah it all adds up, but as an admin I'm just fucking done dropping everything for these kinds of things.
That's one way to do it.
Ah yes, the typical 'echo' command accepting untrusted user input 0-days.
Open source is the best
I call fake or BS because Microsoft would be already on it.
Skynet's strategy is to beat us into submission via spam slop.
"Cibercrime is cringe"
"cybercrime is cringe"
What if this person is from an AI lab that really wants the govt to keep suppressing Mythos/Fable & GPT5.6? It's what I would do, the timing couldn't be any better.
wouldn't it be trivial to match the repo to the user logs?
my point is that if someone is releasing these without access to mythos/gpt5.6, then it can spook to govt and cause them to keep suppressing access to those models. if i'm competing with anthropic or openai and feel they have pulled far ahead, this is a decent move. i didn't say that it is for sure what's going on, but hey, there's a tiny bit of probability that it can't be ruled out.