A single, unchecked parameter in the OpenAI and Anthropic SDKs lets an attacker overwrite your AI Agent's system prompt, take over every response, and, in some cases, open a reverse shell from your server. This article explains how the issue works, shows you how to reproduce it, and, most importantly, how to fix it.
Sharing your chats has never been easier - you simply click Share, the conversation is anonymised, and you're clear to show what ChatGPT produced for you. There are no privacy implications - unless you pasted personal data into the chat itself, which OpenAI discourages. However, on the 16th of April 2025 OpenAI rolled out two new reasoning models, o3 and o4-mini, that unexpectedly leaked the profile name associated with your OpenAI account.
A seemingly unexploitable CORS misconfiguration, which was overlooked for years, turned into a CSRF attack when chained with an XSS on an out-of-scope asset - all thanks to going back to the fundamentals.
SMS OTPs are often seen as a secure authentication method, but what if they aren't? In this post, I break down how I reverse-engineered an OTP mechanism, leveraged probability theory, and achieved a 32% bypass success rate, exposing weak PRNGs and poor OTP management along the way, which ultimately led to a 100% bypass success rate.