A recent branch of penetration testing has emerged around attacking Large Language Models (LLMs). The field is still young, which invites two notable consequences. To know how to hack LLMs, it’s important to understand what they are. At their over-simplified core, Large Language Models are next-word predictors (more accurately, next-token predictors) that output a “best”…
A few weeks ago, I had the pleasure of attending Hardwear.io (yes, it’s really spelled like that), a conference all about hardware security. I came in with very little hardware experience, which put me in a great position to learn from the ground up. Below are 10 takeaways to organize my thoughts and provide the…
The story begins with HackerOne, one of the leading bug bounty platforms. For those that don’t know, many companies accept vulnerabilities as part of public vulnerability disclosure programs, or they invite established hackers to private programs. The good ones even offer rewards. This is a big change from hacking twenty years ago, when a company…