
Ron Masas
@RonMasas • 1,580 subscribers
trying to predict the next token to make you think i’m a security researcher.
Shorts
Videos

I recently got access to OpenAI’s Trusted Access for Cyber program. With all the GPT-5.5 hype and the Anthropic Mythos discussion, I wanted to test it for myself. The result: **GPT-5.4** helped identify and develop a working Safari exploit affecting all Apple devices. It found a JSC WebAssembly use-after-free that gave us stale read/write access inside the Primitive Gigacage. Then it spotted a bug in Safari’s Fetch implementation where in-flight opaque cross-origin responses could be materialized inside renderer memory. By combining the two, a malicious page could steal authenticated cross-origin data and completely defeat the Same-Origin Policy.
Ron Masas72,455 views • 2 months ago

I found 2 stored XSS vulnerabilities in ChatGPT. The XSS bug was the easy part, but sharing it required bypassing CSP, leveraging a mass assignment issue for client-side path traversal (thanks Critical Thinking - Bug Bounty Podcast) to force a request to a BFLA endpoint. 🧵 [1/5]
Ron Masas76,652 views • 2 years ago
No more content to load