One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into a data exfiltration tool

A new one-click attack flow discovered by Varonis Threat Labs researchers underscores this fact. ‘Reprompt,’ as they’ve ...

How this one-click Copilot attack bypassed security controls - and what Microsoft did about it

Reprompt impacted Microsoft Copilot Personal and, according to the team, gave "threat actors an invisible entry point to perform a data‑exfiltration chain that bypasses enterprise security controls ...
GitHub

AWS SSM Parameter Store GetParameters Action

A GitHub action centered on AWS Systems Manager Parameter Store GetParameters call, and placing the results into environment variables. This action is optimized to use the least possible number of API ...
GitHub

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

paramspider allows you to fetch URLs related to any domain or a list of domains from Wayback achives. It filters out "boring" URLs, allowing you to focus on the ones that matter the most.