User prompt CSRF on Le Chat and Grok
Published:
Reprompt-style vulnerability in Le Chat (Mistral) and Grok.
Published:
Reprompt-style vulnerability in Le Chat (Mistral) and Grok.
Published:
How to quickly use llama.cpp for LLM inference (part 2). This is a follow-up of a previous post on the same topic.
Published:
This blog posts explains that ECDSA and DSA signatures are malleable, that JWTs can be malleable as well and how this can be used to bypass some broken implementations of JWT deny lists (for revocation of JWTs or anti-replay protection).
Published:
I was reading the WebSub specification (formerly PubSubHubbub) when I found that there was a risk of reflected browser-side code injection (reflected cross site scripting, reflected XSS) in the WebSub intent verification exchange.
Published:
A list of computer security guidelines and references.
Friends don't let friends use $http_host
Published:
Two related authority-ambiguity vulnerabilities in NGINX and Debian's proxy_params configuration snippet.
Published:
If you are trying to understand the difference between the different cryptography-related formats (PKS#12, PKCS#8, PEM, X.509 certificate, DER, JWK, BEGIN ENCRYPTED PRIVATE KEY??? 🤯), you will hopefully find some useful information here (and a lot more your did not wanted to know about).
Published:
Books I have read in 2025. Should be mostly spoiler free.
Published:
Some (not so serious) cryptographic wisdom from a long time ago…
Published:
Cheat sheet for (some) reinforcement learning mathematical formulas and algorithms.
Page 1 of 13 | Previous page | Next page | JSON Feed | Atom Feed | RSS Feed