AI-powered features are the new attack surface! Check out our new blog in which LMG Security’s Senior Penetration Tester Emily Gosney @baybedoll shares real-world strategies for testing AI-driven web apps against the latest prompt injection threats.

From content smuggling to prompt splitting, attackers are using natural language to manipulate AI systems. Learn the top techniques—and why your web app pen test must include prompt injection testing to defend against today’s AI-driven threats.

Read now: https://www.lmgsecurity.com/are-your-ai-backed-web-apps-secure-why-prompt-injection-testing-belongs-in-every-web-app-pen-test/

#CyberSecurity #PromptInjection #AIsecurity #WebAppSecurity #PenetrationTesting #LLMvulnerabilities #Pentest #DFIR #AI #CISO #Pentesting #Infosec #ITsecurity

@taktform (I'm coming from an S23 Ultra, so that you know my perspective).

It feels really, really nice. Very premium. Quite a bit lighter, love the flat metal edges. Display is slightly larger with less glare, and it seems like it gets a little bit brighter. Very pleasant to look at, not fatiguing. And using SmartSwitch allowed me to keep TikTok (and kept me signed in!), so that was nice.

Currently in the process of de-Samsung-ifying the device now. Disabling all the Samsung services, replacing One UI with Nova, etc. Will probably take me a full day to get it the way I want it.

I haven't had a chance to play with the camera, or do anything that would stress its performance.

But first impressions are very favorable, plus feels good to hold a new phone that doesn't cut up my fingers :neocat_laugh_sweat:

So, the Samsung Galaxy S25 isn't supposed to be launched until February 7. I pre-ordered a Galaxy S25 Ultra from #TMobile on February 1 with an estimated shipping date of February 6, thus expecting it to arrive on launch day with overnight shipping.

It arrived today, February 3, four days before the launch date :blobcatalt:

#samsunggalaxys25 #samsunggalaxys25ultra #android

This is a public service announcement to never ever use Oracle

When you start firing people for telling the truth, you’re not running a government—you’re running a cover-up.

Suddenly, out of nowhere, a declassified World War II-era CIA guide to sabotaging fascism in the workplace has become one of the most popular free ebooks on the internet:

https://www.404media.co/declassified-cia-guide-to-sabotaging-fascism-is-suddenly-viral/

“When a clown moves into a palace, he does not become a king.
The palace becomes a circus.”

#Inauguration2025

ugh no fair, @baybedoll still has a little bit of #tiktok !

This is not a win for privacy, this is a massive loss for all Americans as the country descends into the internet censorship that has plagued so many of the other unfree countries around the world.

It isn't the time to act smug or superior just because that censorship happened to target an app you disliked today. They will have no problems coming for the services you do like tomorrow.

#tiktok #privacy #censorship

ugh no fair, @baybedoll still has a little bit of #tiktok !

🤬

@rnd add a printf call to the top of each function :ablobcool:

If you're looking for a more elegant solution, compile with `-finstrument-functions` then add enter and exit hooks to your program:

```
#include <stdio.h>
#include <execinfo.h>

void __cyg_profile_func_enter(void *func, void *caller) {
printf("Function entered: %p, called from: %p\n", func, caller);
}

void __cyg_profile_func_exit(void *func, void *caller) {
printf("Function exited: %p, returned to: %p\n", func, caller);
}
```
https://codingrelic.geekhold.com/2010/09/gcc-function-instrumentation.html?m=1

"With #COVID, there are three risks that remain on the table. The 1st risk is that you have a variant that comes through that has much higher immune evasion...

The 2nd risk is that COVID eventually weakens people’s immune systems repeatedly through repeated infections. Everybody gets it once or twice a year and they are much more likely to end up with other health crises...

The 3rd risk is that the virus faces no intrinsic penalty for becoming deadlier."

https://www.wsws.org/en/articles/2024/12/31/zgyj-d31.html

#PublicHealth

jacqueline project update: i am looking for additional work. please hire me.

i am a very good software engineer. i can lead engineering teams, i can manage projects, i can design hardware. i have brought a physical product to market. i'm quite the catch!

if you've ever used an android phone, then you've run code i wrote. if you've gotten directions with google maps, you've used ui built by me and the team i used to lead. i'm also quite good at backend server development!

#fedihired

@hisdeedsaredust dancer2 is quite nice to work with, I've used it for quite a few projects. good luck, and happy to help you if you need assistance!

Please remember to update your passwords. It is now Winter2025!

Please make a note of it.

Cracking #aurora here in #lapland to end 2024.
Happy New Year everyone.
May 2025 see a bit more peace and harmony 🤞

On CVE-2024-53677 (Struts vuln), it's following a very similar path to the Struts 2 vuln this time last year:

- Media are reporting it is being exploited in the wild. It isn't. People are spraying and praying - the exploit payloads don't work.

- People are posting a PoC for it. The PoC doesn't work. You'd have to make a vulnerable webapp, and then tailor the PoC to it.

Not to downplay it, just keep calm and patch. You may have noticed the internet didn't melt last time.

The number pi has an evil twin! It's a number called ϖ with many properties similar to π. There are even mutant trig functions connected to this number, called sl and cl.

So maybe while you were studying trig in high school, some kid in another galaxy was having to memorize all the identities for these other functions.

I doubt it. Just as pi and trig functions are connected to the circle, this number ϖ and its mutant trig functions are connected to a curve shaped like the symbol for infinity, ∞. But this curve is just less important than the circle. I'm not enough of a cultural relativist to believe there's a civilization that cares more about the shape ∞ than the shape ◯.

This ∞-shaped curve is called a 'lemniscate', and ϖ is called the 'lemniscate constant'. I'll show you the lemniscate in my next post.

A civilization will probably only get interested in ϖ when it gets interested in the lemniscate.... or the deeper math it's connected to. On our planet, it was Bernoulli, Euler and Gauss who discovered this math.

(Why does unicode even have the symbol ϖ? Here's why: it's a script version of the Greek letter pi, sometimes called 'varpi' or 'pomega'.)

(1/n)

Und wie es wirklich ist. Frohe #weihnachten