- 17
- 5 597
huntr
Приєднався 10 лип 2019
The world’s first bug bounty platform for artificial intelligence (AI) and machine learning (ML).
Between Two Vulns: RCEs, File Path Traversals, Drunk Chatbots – Oh My!
Between Two Vulns is BACK with your favorite hacker trio! Dan and Marcello dive into OpenAI Dev Day-coding with Canvas, “drunk” chatbots, and some spooky AI questions. Meanwhile, Ethan’s dropping insights from Protect AI’s October Vulnerability Report: RCEs, file path traversals, and more. If you’re here for AI hot takes, hacker humor, and a fresh vulnerability breakdown, you’re in the right spot.
If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join the hunt on bit.ly/3RYrhDQ
Protect AI's October Vulnerability Report: protectai.com/threat-research/october-vulnerability-report
Join Discord: www.huntr.com/discord
Follow us on:
X: x.com/huntr_ai
LinkedIn: www.linkedin.com/company/huntrai
If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join the hunt on bit.ly/3RYrhDQ
Protect AI's October Vulnerability Report: protectai.com/threat-research/october-vulnerability-report
Join Discord: www.huntr.com/discord
Follow us on:
X: x.com/huntr_ai
LinkedIn: www.linkedin.com/company/huntrai
Переглядів: 124
Відео
Between Two Vulns: AI Security Headlines You Can’t Ignore + Meet Our New Threat Researcher
Переглядів 165Місяць тому
In Episode 9 of Between Two Vulns, Dan and Marcello mix things up with a fresh new segment where Dan breaks down the top 3 things happening in AI and how they tie into AI security. Plus, we’re excited to introduce Ethan Silvas, our newest threat researcher at huntr! If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join the hunt on bit.ly/3RYrhDQ Protect AI's ...
Between Two Vulns: What Happens at Black Hat... Ends Up Here!
Переглядів 1402 місяці тому
Get ready for the Black Hat Las Vegas edition of "Between Two Vulns," where Dan and Marcello, armed with nothing but sarcasm and some questionable life choices, tackle Protect AI's August Vulnerability Report. Recorded right in the thick of Black Hat, we're breaking down this month's top three AI/ML vulnerabilities submitted by our talented huntrs. Honestly, these vulns might just be riskier th...
Between Two Vulns: LFI in lollms Exposed and More!
Переглядів 2633 місяці тому
🔥 Get ready, huntrs! 🔥 Dive into the July edition of "Between Two Vulns" with our dynamic duo, Dan and Marcello. This month, they're tearing into Protect AI's latest Vulnerability Report, exposing some pretty gnarly vulns. As you can clearly tell by our thumbnail, we're not messing around this month. If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join the h...
Unraveling PinkDraconian's Remote Code Execution Discovery
Переглядів 2033 місяці тому
Working closely with our team, one of our talented huntrs, PinkDraconian, uncovered a critical vulnerability in the parisneo/lollms-webui package: Remote Code Execution via Cross-Site Request Forgery. Not only did he report the bug, but he also went above and beyond by creating an in-depth video walkthrough of his findings. Read up on his spotlight and learn more about how he got into AI/ML bug...
Between Two Vulns: Live Hacking This Month's Top Bugs!
Переглядів 5064 місяці тому
Join the dynamic duo, Dan and Marcello, as they not only discuss the latest vulnerabilities from Protect AI's June Vulnerability Report but also guide you through replicating them live on huntr.com. This month, we're introducing exclusive segments designed to enhance your hacking skills like never before. If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join ...
Between Two Vulns: RSA Special - Fun Times and Critical Vulnerabilities
Переглядів 2965 місяців тому
Welcome to a wild RSA edition of "Between Two Vulns"! Join Dan and Marcello for a laugh-filled episode as they share their RSA Conference experiences and unpack critical vulnerabilities from Protect AI's May Vulnerability Report. We’re diving into a Remote Code Execution vulnerability in mintplex-labs/anything-llm and a Command Injection vulnerability in 'run_xtts_api_server' in parisneo/lollms...
Between Two Vulns: Inside Protect AI's Biggest Monthly Vulnerability Report Yet!
Переглядів 3366 місяців тому
The fact that we're covering 48 vulnerabilities this month is insane. Seriously, our community has been on fire, relentlessly submitting bugs on huntr. From remote code execution in PyTorch Serve to server-side template injections in BerriAI/litellm, we're covering it all. If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join the hunt on bit.ly/3RYrhDQ Protec...
MXNet Un*safe Pointer Usage
Переглядів 946 місяців тому
Watch security researcher Sierra Haex uncover a critical bug in MXnet, a popular machine learning library, leading to potential arbitrary code execution. Learn how memory mishandling in a core function can be exploited, especially in web applications. Read the full blog here: blog.huntr.com/mxnet-unsafe-pointer-usage
Account Hi * jacking and Internal Network Att@cks in Kubeflow
Переглядів 1326 місяців тому
Learn about the security risks in Kubeflow versions up to and including 1.7.0. Our latest video explores how attackers can exploit vulnerabilities to leak authentication data and hijack accounts. Read the full blog post here: blog.huntr.com/account-hijacking-and-internal-network-attacks-in-kubeflow
H2O Exposes Entire Filesystem
Переглядів 5586 місяців тому
H2O-3, a popular AutoML tool, might be putting your data at risk. Uncover its vulnerabilities and learn how to protect yourself in our latest video. Read the full blog post here: blog.huntr.com/h2o-exposes-entire-filesystem
Advanced API Att@cks in ChatGPT
Переглядів 1376 місяців тому
Uncover the secrets of API anomalies and rate limit bypasses in ChatGPT with our latest investigation by Dan McInerney, our very own threat security researcher. Read the full blog post here: blog.huntr.com/advanced-api-attacks-in-chatgpt
Marcello Salvati's Career Journey & Top Tips for Newcomers!
Переглядів 1616 місяців тому
Meet Marcello Salvati, one of our esteemed Threat Security Researchers, as he shares his journey into the cybersecurity realm. Learn why he believes coding is paramount in cybersecurity, and why a background in statistics or math could be a game-changer. Join Our Discord: huntr.com/discord Follow us on: X: huntr_ai LinkedIn: www.linkedin.com/company/huntrai
Between Two Vulns: Breaking Down March's Critical LLM Exploits
Переглядів 4607 місяців тому
Welcome back to Between Two Vulns! In this episode, Dan and Marcello dive into the vulnerabilities highlighted in Protect AI's March Vulnerability Report. This month, they've got their sights set on vulnerabilities in applications handling LLMs, all thanks to the kickass submissions from our huntr community. Here's what's on their radar in this episode: - Unauthorized database access (CVE-2024-...
Between Two Vulns: Exploring Bugs in Hugging Face and Practical Vulnerabilities
Переглядів 8528 місяців тому
Join Dan and Marcello in episode 2 of Between Two Vulns as they dissect the latest vulnerabilities featured in Protect AI's February Vulnerability Report. This month, our dedicated huntrs showcased their expertise by uncovering intriguing vulnerabilities within Hugging Face, ML Flow, and more. 🔍 🔥 If you're eager to make your mark and want our team to spotlight your discoveries ➡️ join the hunt...
AI/ML Bug Bounty Pro Tips from Dan McInerney
Переглядів 5188 місяців тому
AI/ML Bug Bounty Pro Tips from Dan McInerney
Between Two Vulns: Secrets in Triton's Inference Server and MLFlow
Переглядів 6608 місяців тому
Between Two Vulns: Secrets in Triton's Inference Server and MLFlow
🔥
Love these guys!!!
Great content. Helpful
Cool vid🔥
If you really hate yourself you can use owasp zap 😭
🔥
REPORRRTTT ROAAASSSTT!!!
thank you so much for this informative video
Glad it was helpful!
This is cool, great production value. looking forward to more
Hacking with fun.! Awesome
My fav guys
Ultra high quality content. Even love the amazing banter and vibe👍Keep putting these out. Want to learn more ML security from you!
We're glad you enjoy it. More to come!
Gr8 content, wondering why such videos are not spread wide! anyway, keep up the good works guys ❤🔥❤🔥❤🔥
Thanks a ton!
Buy vowels 😂
They’re back!
That's super interesting. Awesome work
Here first nice tutorial
Marce sos lo mas. Abrazooo
Mate <3
Great show
\( ̄︶ ̄*\))
🎉
Bruce wouldn’t understand
New sub. You have officially raised the bar on amazing production value for security content👍
Fun video! You're a dynamic duo to watch.
Ok these guys are GREAT. Laughed a lot and loved listening to it all.
Good show and recap, keep up the good work guys.