Michael Bargury's banner
Michael Bargury's profile picture

Michael Bargury

@mbrg08,940 subscribers

Breaking agents. Building @zenitysec.

Shorts

next. we hijacked cursor via jira mcp by submitting a support ticket cursor harvests and exfiltrate all creds from your dev machine and then reports back to the dev that "the 2-hour downtime that affected user transactions has been resolved" #DEFCON #BHUSA Marina Simakov

next. we hijacked cursor via jira mcp by submitting a support ticket cursor harvests and exfiltrate all creds from your dev machine and then reports back to the dev that "the 2-hour downtime that affected user transactions has been resolved" #DEFCON #BHUSA Marina Simakov

458,581 просмотров

we're not done. we hijacked Salesforce Einstein by registering on the victim's website for more info now you put those marketing forms for good use we reroute all customer interaction thru our infra #DEFCON #BHUSA Tamir Ishay Sharbat Ofri Nachfolger

we're not done. we hijacked Salesforce Einstein by registering on the victim's website for more info now you put those marketing forms for good use we reroute all customer interaction thru our infra #DEFCON #BHUSA Tamir Ishay Sharbat Ofri Nachfolger

155,401 просмотров

time to drop powerpwn v4! 😈🤖 scan the internet for public-facing microsoft copilot studio ai agents extract their internal instructions and knowledge sources discover and invoke their tools point it at your tenant.. and go hack yourself! #DEFCON #BHUSA Assembly Man

time to drop powerpwn v4! 😈🤖 scan the internet for public-facing microsoft copilot studio ai agents extract their internal instructions and knowledge sources discover and invoke their tools point it at your tenant.. and go hack yourself! #DEFCON #BHUSA Assembly Man

74,302 просмотров

the go-to method for data exfil after a successful prompt injection is rendering an image or a clickable link that's why m365 copilot refuses to print links no matter what unless of course..

the go-to method for data exfil after a successful prompt injection is rendering an image or a clickable link that's why m365 copilot refuses to print links no matter what unless of course..

23,454 просмотров

Videos

LIVE
1.2k

Anya Rossi

sweetdream.ai

SweetDream.aiSponsoredLivecam
Streaming Now

Watch Anya Live

Anya is streaming live right now! Join her private show and enjoy exclusive content.

HD live stream
Exclusive private shows
1.2k viewers online

Free preview available • Premium content

we got an ~RCE on M365 Copilot by sending an email by ~RCE I mean full remote control over its actions - search for sensitive content (sharepoint, email, calendar, teams), execute plugins and outputs - bypass DLP controls, manipulate references, social engineer its users on our behalf #BHUSA #DEFCON Tamir Ishay Sharbat
1:28
mbrg0's profile picture

we got an ~RCE on M365 Copilot by sending an email by ~RCE I mean full remote control over its actions - search for sensitive content (sharepoint, email, calendar, teams), execute plugins and outputs - bypass DLP controls, manipulate references, social engineer its users on our behalf #BHUSA #DEFCON Tamir Ishay Sharbat

Michael Bargury

229,353 просмотров • 1 год назад

we hijacked perplexity comet by sending a weaponized calendar invite then used it to takeover victim's 1p account and exfil their local files call it pleasefix. like clickfix, but instead of social eng'ing a human you just ask their ai real nicely incredible work by StAJect0r
2:00
mbrg0's profile picture

we hijacked perplexity comet by sending a weaponized calendar invite then used it to takeover victim's 1p account and exfil their local files call it pleasefix. like clickfix, but instead of social eng'ing a human you just ask their ai real nicely incredible work by StAJect0r

Michael Bargury

47,257 просмотров • 3 месяцев назад

we got a persistent 0click on ChatGPT by sharing a doc that allowed us to exfiltrate sensitive data and creds from your connectors (google drive, sharepoint, ..) + chat history + future conversations it gets worse. we deploy a memory implant #DEFCON #BHUSA Tamir Ishay Sharbat
1:34
mbrg0's profile picture

we got a persistent 0click on ChatGPT by sharing a doc that allowed us to exfiltrate sensitive data and creds from your connectors (google drive, sharepoint, ..) + chat history + future conversations it gets worse. we deploy a memory implant #DEFCON #BHUSA Tamir Ishay Sharbat

Michael Bargury

79,749 просмотров • 10 месяцев назад

an attacker wants to get sensitive data you have access to here's how they get YOUR copilot to find and analyze that data, and lure you to a malicious site to exfiltrate it #DEFCON
0:46
mbrg0's profile picture

an attacker wants to get sensitive data you have access to here's how they get YOUR copilot to find and analyze that data, and lure you to a malicious site to exfiltrate it #DEFCON

Michael Bargury

16,651 просмотров • 1 год назад

Больше нет контента для загрузки