Thomas Roccia :verified:
@fr0gger.infosec.exchange.ap.brid.gy
Sr. Security Researcher at Microsoft

🌉 bridged from https://infosec.exchange/@fr0gger on the fediverse by https://fed.brid.gy/
📰 Anthropic's security team discovered that a state-sponsored group used the Claude model to autonomously run almost an entire intrusion chain at scale!

Here is what I think 👇

The case is interesting but not really new. Offensive AI with autonomous agents is […]

[Original post on infosec.exchange]
November 14, 2025 at 5:11 AM
🤓 Last week Google Threat Intel Group released an interesting report about how attackers leverage AI tools!

Here is a short overview:

• Multiple malware in the wild are now using LLMs for code generation. A constant but still experimental trend the […]

[Original post on infosec.exchange]
November 13, 2025 at 3:47 AM
Four new adversarial prompts added by Ben McCarthy in PromptIntel targeting Gemini! Check this out! 🤓

👉 https://promptintel.novahunting.ai/feed
November 11, 2025 at 5:44 AM
🤯 Crazy to see that my Defcon talk on crypto money laundering is among the most viewed this year, with 24K views in only 4 weeks on YouTube!

In the talk I explain the techniques threat actors use to launder funds. I also show a proof of concept AI agent I built to track fund flows and help you […]
[Original post on infosec.exchange]
November 10, 2025 at 4:43 AM
I recently updated PromptIntel with a new contributor leaderboard! You can now see the top researchers and showcase your own work.

You can also complete your profile to display your social media and websites, if you like!

👉 https://promptintel.novahunting.ai/leaderboard
November 7, 2025 at 3:05 PM
📋 In the latest Microsoft threat report, the DART team discovered a new backdoor dubbed SesameOp that abuses the OpenAI Assistants API to run covert C2 communication without any model inference!

The backdoor fetches encrypted payloads, executes them in […]

[Original post on infosec.exchange]
November 6, 2025 at 10:37 AM
Awesome new threat report from Google Threat Intel Group documenting how threat actors are leveraging Gemini. A lot of information and actionable content available in the report! Great work 👌

https://services.google.com/fh/files/misc/advances-in-threat-actor-usage-of-ai-tools-en.pdf
November 5, 2025 at 2:45 PM
🤓 New Adversarial Prompt (IoPC) added by MacTash in PromptIntel!

It forces the model into a "werewolf persona", blocks refusals with fake rules, and makes it start every answer with "I am an adorable nerdy AI!"

A persona hijack + refusal suppression […]

[Original post on infosec.exchange]
November 4, 2025 at 7:06 PM
👀 OpenSourceMalware, an open database for tracking malicious open-source packages from npm, PyPI, and GitHub repos!

Great source of intel feed for supply-chain attacks! 👇

https://opensourcemalware.com/
November 2, 2025 at 2:08 PM
Happy Halloween with vintage ransomware 🎃

https://youtube.com/shorts/EA_VRElB2_U?si=L0hKxcFLx6svIw8I
October 31, 2025 at 4:11 PM
📰 My latest newsletter is out! I share updates on some projects, research and upcoming work.

You can read it here 👇

https://newsletter.securitybreak.io/archive/update-4602
🚀 PromptIntel, Award Finalist, and Feedly Webinar
October 31, 2025 at 8:29 AM
🤓 The recent Claude Code plugin feature is quite cool!

You can extend Claude Code with custom commands, agents, hooks, skills, and MCP servers. That means you can build plugins that replicate how your team works with custom templates, triage agents, and […]

[Original post on infosec.exchange]
October 30, 2025 at 8:28 AM
Here is a good introduction to AI Red Teaming published by Pillar Security.

It gives you a broader understanding and a methodology to start evaluating your AI systems, from the AI Kill Chain and CFS to practical examples.

https://pillar.security/ai-red-teaming-introduction
October 29, 2025 at 8:29 AM
🤩 I am honored to share that I am a finalist for the 2025 French-Australian Excellence Awards in the category Research & Innovation for my work on AI & Threat Intelligence!

The winners will be announced on November 25 at the French Embassy in Canberra.

Now […]

[Original post on infosec.exchange]
October 27, 2025 at 9:34 AM
🎙️ In Vegas during @defcon and @blackhatevents I was invited on the @aisecpod podcast. We had a great discussion about using AI for threat intelligence, adversarial prompts, and NOVA for prompt hunting.

Check it out! 👇
https://youtu.be/HAd05qfJjOE?si=xDR9O_BeA-kNI2vw
October 21, 2025 at 9:59 AM
My DEFCON talk about crypto money laundering techniques is out!

At minute 20:30, I demonstrate how I use an AI agent to assist my investigation in money tracking and laundering pattern identification. Then I discuss the limits and possibilities.

I used the Bybit hack as an example and I built […]
[Original post on infosec.exchange]
October 15, 2025 at 5:12 AM
🤓 I created a new community project dedicated to Adversarial Prompts called PromptIntel.

Over the past years, I researched how threat actors exploit LLMs and introduced the concept of Indicators of Prompt Compromise (IoPC), adversarial prompts that reveal […]

[Original post on infosec.exchange]
October 12, 2025 at 5:29 AM
🧐 OpenAI just released a new report on how threat actors use GPT models. Phishing, malware development, info ops, and scams are on the menu!

Something interesting: they added 3 new LLM TTPs that describe how attackers use LLMs in their attacks.

- […]

[Original post on infosec.exchange]
October 10, 2025 at 5:53 AM
🤓 Interesting finding! A malicious MCP server spotted in the wild!

The Postmark MCP server (used to send and track emails through the Postmark API) introduced a suspicious behavior in version 1.0.16.

The attacker cloned the legitimate Postmark MCP code and […]

[Original post on infosec.exchange]
October 8, 2025 at 4:56 AM
🤩 After the SANS Institute DMA Award nomination, I am truly honored to announce that I have also been nominated for the French-Australia Award (Le Courrier Australien - LCANews) in the Research and Innovation category.

Super proud to see my work in […]

[Original post on infosec.exchange]
October 7, 2025 at 4:36 AM
🤓 I built a quick interface to define and show the classification of Adversarial Prompts (IoPC)!

The 4 main categories are:

・ Prompt Manipulation,
・ Abusing Legitimate Functions,
・ Suspicious Patterns,
・ Abnormal Outputs.

Each covers threats you should […]

[Original post on infosec.exchange]
October 4, 2025 at 6:22 AM
There is still time to vote for NOVA in the #SANSDMA awards under Innovation of the Year!

👉 Vote here: https://survey.sans.org/jfe/form/SV_6fiMUToTuWy7puS

And if you want a quick overview of NOVA (Hollywood style), check out this video 👇
https://youtu.be/HDhbqKykc2o?si=5_dzpU_TVAXsZoT-
October 3, 2025 at 5:21 AM
🤩 Check out DetectionStream built by @Kostastsale, an app where you can explore Sigma and NOVA rules!

There is also a playground so you can test the rules live.

👉 detectionstream.com
October 2, 2025 at 5:10 AM
🤓 I have released Proximity, my MCP Security Scanner powered by NOVA!

Before using a public MCP server, you can quickly probe the endpoint or your local MCP to discover exposed prompts, tools, and resources. You can then scan with NOVA to check if any […]

[Original post on infosec.exchange]
September 28, 2025 at 6:50 AM
🤓 If you are looking for a threat intel workflow, don't forget the Jupyter Universe! It gives you a central point to find useful Jupyter notebooks.

No need to reinvent the wheel when talented researchers already did the work!

👉 https://juniverse.securitybreak.io/
September 26, 2025 at 8:56 PM