🐝 Hive Five 210 - We Are Destroying Software

Top 10 Web Hacking Techniques of 2024, Future Lies in Holistic, Full-Stack Engineers, Karpathy: Deep Dive into AI Technology Behind ChatGPT, Agencies Are a Relic of the Past

Hi friends,

Greetings from the hive!

Started watching the second season of Severance. It's. So. Good. And that soundtrack is such a classic. It reminds me of the Succession theme song.

Speaking of the theme song, the innie vs outie TikToks have been cracking me up.

What have you been watching lately?

Let's take this week by swarm!

🐝 The Bee's Knees

  • Top 10 web hacking techniques of 2024. This year, the community nominated a staggering 121 pieces of research - nearly doubling last year. MORE

Here are the top 3:

1. Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server

2. SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level

3. Unveiling TE.0 HTTP Request Smuggling

  • We are destroying software. MORE

"[...] We are destroying software telling new programmers: “Don't reinvent the wheel!”. But, reinventing the wheel is how you learn how things work, and is the first step to make new, different wheels. [...]"

  • Mali-cious Intent: Exploiting GPU Vulnerabilities (CVE-2022-22706 / CVE-2021-39793). MORE

"[...] Imagine downloading a game from a third-party app store. You grant it seemingly innocuous permissions, but hidden within the app is a malicious exploit that allows attackers to steal your photos, eavesdrop on your conversations, or even take complete control of your device. [...]"

  • Guillermo Rauch, a coding pioneer, believes the future lies in holistic, full-stack engineers who can ideate, design, and harness AI's coding prowess to create remarkable products. MORE

  • Overview of the Large Language Model (LLM) AI technology behind ChatGPT, detailing its training process and practical applications. Andrej, co-founder of OpenAI and former Senior Director of AI at Tesla, aims to enhance understanding of AI and empower effective use of its advancements. MORE

Brought to you by →

Smallbee

Removing digital friction.

Upgrade Yourself →

You're getting the free version. Members get more — including exclusive & bonus content, access to an online community of smart and driven people, the complete Hive Archive, deep discounts, and so much more. See what you're missing.

Table of Contents

📰 Updates

✅ Changelog

  • Zen Browser's 1.7.5b update introduces exciting new features, like seamless tab management and enhanced glance experience, while squashing pesky bugs. MORE

💼 Work

💰 Career

  • Coalfire is hiring a Director of Threat Hunting - Remote US. MORE

  • How to have a career even when OpenAI's o3 drops. MORE

"The future belongs to people whose work cannot be easily reduced to a dataset, and who can use AI to become even better at what they do."

🚀 Productivity

  • There is no single correct way to build your Obsidian second brain, but there are wrong approaches to avoid. This video highlights the positive aspects of Obsidian, helping you create a second brain as complex as your first. MORE

  • Raycast supercharges your macOS workflow, transforming everyday tasks into lightning-fast, AI-powered actions. MORE

  • Harness the power of your mind! Embrace the initial brain agitation and use it to laser-focus your attention for maximum productivity. MORE

  • Gemini 2.0 supercharges document processing, slashing a fintech's process from 12 minutes to just 6 seconds while maintaining 96% accuracy. MORE

🌎 Community

🎉 Celebrate

  • John and Kaitlyn got engaged! MORE

⚑️ Timeline

  • Anthropic is offering $10K to the first person who passes all 8 levels, and $20K for a universal jailbreak! Can you crack their challenge and claim the ultimate prize? MORE

  • Agencies are a relic of the past, charging exorbitant fees for subpar websites - the future belongs to agile, affordable solutions that deliver real results. MORE

  • NahamSec announces new monthly target: Goldman Sachs bug bounty program on HackerOne with weekly live streams, starting this Friday on Discord. MORE

💛 Follow
Awesome accounts to follow. Randomly selected from my curated Twitter lists.

  • @gvrp_writeups | Awesome Google VRP Writeups | Automatically tweeting new writeups from the GitHub repository "awesome-google-vrp-writeups".

  • @CharlieEriksen | Charlie Eriksen | Founder @weaseljs. Previously Product Manager @SecCodeWarrior | Principal Security Engineer/Partner @thesyndis

  • @ustayready | Mike Felch (Stay Ready) | Red Teamer / Security Research | Prior: CrowdStrike / Current: BHIS | In Christ's grip | Pentesting since 1997 | Security Focus: Cloud.

  • @jack | jack | bitcoin.

  • @d00xing | d0xing.

πŸ„ Level up

πŸ“° Read

  • Uncover the tale of a $16.5k SMS OTP bypass that takes you on a journey of reverse engineering, probability theory, and entropy analysis. MORE

  • The future belongs to idea guys who can just do things. MORE

"[...] Ya know that old saying ideas are cheap and execution is everything? Well it's being flipped on its head by AI. Execution is now cheap. All that matters now is brand, distribution, ideas and retaining people who get it. The entire concept of time and delivery pace is different now."

  • Form-action Content-Security-Policy Bypass And Other Tactics For Dealing With The CSP. MORE

The four types of attacks described in the post are:

1. Data exfiltration to external domains when the form-action directive is not used.

2. Possible attacks when form-action is set to 'self' or to a specific path.

3. Dangling markup injection in combination with form-action.

4. CSP bypass.

🧠 Wisdom

  • Please for the love of all that is holy: Stop writing long boring Titles. aka, How to Title Your Content Without Clickbait. MORE

  • Advice for a friend who wants to start a blog. MORE

"[...] What's odd about you is what's interesting. Work hard, and you can write like everyone else in your genre—but the result will never be as rich as the texture of your own personality. So don't think too much about how it's supposed to be done, what others are doing, or what the conventions demand. Just try to amuse yourself. [...]"

  • "The only people who'll remember you worked late are your kids." A hard hitting reminder that our legacy extends beyond long hours - it's the impact we have on those closest to us that truly matters. MORE

📚 Resources

  • Search through a curated collection of 25,000+ CTF writeups with instant results and smart filtering. MORE

  • Comprehensive list of attacks and defenses for the OAuth protocol. MORE | CHEAT SHEET

  • Secure by Design: Google's Blueprint for a High-Assurance Web Framework. MORE

  • Harvard released a massive 16TB archive of over 311,000 datasets from data.gov, updated daily. MORE

🛠 Explore

🧰 Tools

  • Fullmoon is an iOS application designed for seamless communication with local large language models. Optimized for Apple Silicon, it is compatible with iPhone, iPad, and Mac. MORE

  • FuzzyAI Fuzzer is a powerful tool for automated LLM fuzzing, helping developers and researchers identify security vulnerabilities in their LLM APIs. MORE

  • Lightweight CLI and local API server to create, run and manage macOS and Linux virtual machines (VMs) natively on Apple Silicon. MORE

  • Bad Tweet Firewall highlights undesirable tweets with a red border, allowing users to train a personal algorithm to filter out negative content. MORE

  • ImageOptim-CLI automates image optimization and minification for Mac to make batch optimization of images part of your automated build process. MORE

Get $200 to try DigitalOcean — the go-to for all my recon, automation, and VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.

🎥 Watch

  • Build a powerful reconnaissance and lead generation tool for under $60. MORE

  • Alex Hormozi shares his $100M writing system, revealing how his best-selling books and massive social media following were built. MORE

  • Gemini 2.0 from Google is a game-changer in the AI race, boasting incredible power and affordability. MORE

  • Serial entrepreneur Omar Choudhry reveals his proven prompting sequences for leveraging ChatGPT, Leonardo AI, Kling AI, and ElevenLabs to create market-ready products. MORE

  • Vulnerability-centric Pentesting talk by Matthew Toussain. Leveraging vulnerabilities to drive pentesting test performance. MORE

🎡 Listen

  • Conor Freeman stole money online. Lots of it. In this episode Jack talks with him and hears how he did it, why he did it, and what he spent it on. MORE

  • Scott and Mark dive into the art of public speaking, reflecting on their journeys from first presentations to keynotes. Catch their expert tips as they prepare for upcoming talks. MORE

🌐 Technology

  • CodeTV by Jason brings you tv for developers. Watch stories about web developers overcoming challenges, learning, and having fun together with a supportive community. MORE

  • Expressive Code is an engine for presenting source code on the web, aiming to make your code easy to understand and visually stunning. MORE

  • Terminal frustrations crowdsourced from veteran terminal users: remembering syntax, colors, bad documentation, and more. MORE

  • AngularJS, born as a Google experiment, became a JavaScript sensation, but internal pressures led to a radical overhaul, leaving the community feeling left behind. Years of intense community efforts ensued to find a path forward. MORE

👀 Interesting

  • AI-Generated Slop Is Already In Your Public Library (and you're already paying for it). MORE

  • Uncover NYC's vibrant creative underground - from the legendary hackerspace NYC Resistor to the immersive art playground Hex House. MORE

  • New study from Nature Medicine reveals that human brain tissues harbor micro- and nanoplastics at concentrations 7–30 times higher than those found in the liver or kidneys. MORE

💭 Quote

❝

"The key is not to prioritize what's on your schedule, but to schedule your priorities."

Stephen Covey

📈 Learned something?

Upgrade Yourself →

Share Hive Five →

Share this newsletter with your friends and colleagues.

1 REFERRAL = 20% OFF EVERYTHING IN THE STORE

Until next week, take care of yourself and each other,

Bee 🐝

This newsletter may contain affiliate links that support its costs. These links lead to tools, courses, and resources that I've personally found helpful.