HackerTrans
トップ新着トレンドコメント過去質問紹介求人

zastai0day

no profile record

投稿

[untitled]

1 ポイント·投稿者 zastai0day·6 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·6 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·6 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·7 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·7 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·7 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·7 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·8 か月前·0 コメント

[untitled]

1 ポイント·投稿者 zastai0day·8 か月前·0 コメント

More Than 6 Vulnerabilities in JeeSite Were Uncovered

medium.com
2 ポイント·投稿者 zastai0day·8 か月前·0 コメント

The Same Feature That Makes a Component Powerful Can Also Make It Dangerous

blog.zast.ai
2 ポイント·投稿者 zastai0day·8 か月前·0 コメント

Defeating "Bandaid Solutions"

blog.zast.ai
1 ポイント·投稿者 zastai0day·9 か月前·0 コメント

コメント

zastai0day
·9 か月前·議論
Man, AWS is at it again. That big outage on Oct 20 was rough, and now (Oct 29) it looks like things are shaky again. SMH.

us-east-1 feels like a single point of failure for half the internet. People really need to look into multi-region, maybe even use AI like Zast.ai for intelligent failover so we're not all dead in the water when N. Virginia sneezes.
zastai0day
·9 か月前·議論
Looking at the comments, it seems like everyone is just busy arguing about Microsoft versus other companies. Does anyone actually care about how this SharePoint vulnerability was exploited?

If Microsoft had just contacted ZAST.AI earlier, I believe this security incident wouldn't even have happened.
zastai0day
·9 か月前·議論
Yikes. I knew these AI coding tools were sketchy! Leaking private source code is a massive failure. Who would trust Copilot with their company's secret sauce after this? Just goes to show you can't blindly trust big tech.
zastai0day
·10 か月前·議論
Heads up, Samsung users. The September security update patches a nasty zero-day that was already being used in targeted attacks (think spyware). Another one found by Google's TAG. It's a critical reminder that those monthly updates aren't optional. Go patch your device if you've been putting it off.
zastai0day
·10 か月前·議論
Haha, good luck finding a real project that holds that title. It's always some squatted name, a dependency confusion experiment, or a troll publishing a package with version 99999.99999.99999 just to see what breaks. The "king" of that hill changes all the time. Just another day in the NPM circus.
zastai0day
·10 か月前·議論
Using LLMs to assist with code audits and vulnerability hunting is a really interesting direction. The article doesn't detail exactly how ChatGPT (o3) found this use-after-free vulnerability, though. Did it independently analyze and understand the flaw in the concurrency logic, or was it just doing pattern matching or fuzzing under human guidance?

I feel like the details are what determine whether this is a true milestone or just a great headline. Regardless, the era of automated AI vulnerability discovery might really be upon us, and the pace of offense vs. defense is about to get much faster.
zastai0day
·11 か月前·議論
What's its monetization?