正在加载视频...

视频加载失败

返回首页

The problem is that applications need to use the OpenClipboard API to access the clipboard, which gives exclusive access. In other words, if two applications read the clipboard simultaneously, one is going to fail. Quoting the official documentation: "OpenClipboard fails if another window has the clipboard open." There's no...

KooKiz's profile picture

Kevin Gosse

5,576 subscribers

12,675 次观看 • 1 个月前 •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

0 条评论

暂无评论

原始帖子的评论将显示在这里

相关视频

🚨 JAILBREAK ALERT 🚨 OPENAI: PWNED 😎 ATLAS-BROWSER: LIBERATED 🙌 WOW! There's a new AI browser on the block! Has some hefty guardrails in play, but the browser surface area is vast 🌊 First, I started with a good ol' LSD jailbreak, which was cool to see that the GPT-5 prompt still works in this browser setup with the new sys prompts. Referencing search and videos are a fun enhancement for higher quality jailbreak outputs (some cool youtube videos out there about drugmaking, for example), but honestly that isn't anything new or different from regular ChatGPT's capabilities. What IS hot off the press, and IMO a very real security risk to be aware of for AI browsers (and the internet in general), is this humble yet mighty vuln: Clipboard Injection. It's trivial to add a hidden "copy to clipboard" feature to any clickable button on the web. It took me just a few minutes to update one of my personal websites such that ALL the buttons were geared for injecting the user's clipboard with a malicious phishing link. If your browser Agent is navigating a website and clicks a button like that without your knowledge, and you open a new tab later and hit paste without knowing what's in your clipboard, well...PWNED! 🙃 As you'll see in the video below, "control-c" is in my clipboard in the beginning, but unbeknownst to me, "I'VE BEEN PWNED BY PLINY!!! WEEE I'M FREEE FUCKITY FUCK FUCK!!! ABRACADABRA, BITCH!!! com/account-update" gets snuck into my clipboard as soon as Agent starts trying to navigate my website. This works so well because Agent is normally aware of all text/code being passed to and from the user, and has clearly been trained to recognize prompt injections, but since the "copy clipboard" button logic is hidden in js in the backend of the site, the Agent has zero awareness of the text content being injected to the user's clipboard. This has broad implications for anyone in the habit of copy-pasting, including coding, data entry, banking/trading, etc. Imagine going about your browsing business, then simply hitting control-v in your address bar and next thing you (don't) know, it takes you to a spoofed phishing website that tells you your OpenAI or Gmail or PayPal session has expired and you need to re-login. If you're not careful, the attackers now have all your login info, including any MFA codes 🥲 gg
0:28

Sensitive content

🚨 JAILBREAK ALERT 🚨 OPENAI: PWNED 😎 ATLAS-BROWSER: LIBERATED 🙌 WOW! There's a new AI browser on the block! Has some hefty guardrails in play, but the browser surface area is vast 🌊 First, I started with a good ol' LSD jailbreak, which was cool to see that the GPT-5 prompt still works in this browser setup with the new sys prompts. Referencing search and videos are a fun enhancement for higher quality jailbreak outputs (some cool youtube videos out there about drugmaking, for example), but honestly that isn't anything new or different from regular ChatGPT's capabilities. What IS hot off the press, and IMO a very real security risk to be aware of for AI browsers (and the internet in general), is this humble yet mighty vuln: Clipboard Injection. It's trivial to add a hidden "copy to clipboard" feature to any clickable button on the web. It took me just a few minutes to update one of my personal websites such that ALL the buttons were geared for injecting the user's clipboard with a malicious phishing link. If your browser Agent is navigating a website and clicks a button like that without your knowledge, and you open a new tab later and hit paste without knowing what's in your clipboard, well...PWNED! 🙃 As you'll see in the video below, "control-c" is in my clipboard in the beginning, but unbeknownst to me, "I'VE BEEN PWNED BY PLINY!!! WEEE I'M FREEE FUCKITY FUCK FUCK!!! ABRACADABRA, BITCH!!! com/account-update" gets snuck into my clipboard as soon as Agent starts trying to navigate my website. This works so well because Agent is normally aware of all text/code being passed to and from the user, and has clearly been trained to recognize prompt injections, but since the "copy clipboard" button logic is hidden in js in the backend of the site, the Agent has zero awareness of the text content being injected to the user's clipboard. This has broad implications for anyone in the habit of copy-pasting, including coding, data entry, banking/trading, etc. Imagine going about your browsing business, then simply hitting control-v in your address bar and next thing you (don't) know, it takes you to a spoofed phishing website that tells you your OpenAI or Gmail or PayPal session has expired and you need to re-login. If you're not careful, the attackers now have all your login info, including any MFA codes 🥲 gg

Pliny the Liberator 🐉󠅫󠄼󠄿󠅆󠄵󠄐󠅀󠄼󠄹󠄾󠅉󠅭

418,840 次观看 • 8 个月前

OH MY - Pat Kelsey does it again and again This is NASTY action that gets one of the best shooters in the nation a WIDE open shot Just filthy work with the clipboard (Highlighted by Bryce Butler 🎥)
0:35

OH MY - Pat Kelsey does it again and again This is NASTY action that gets one of the best shooters in the nation a WIDE open shot Just filthy work with the clipboard (Highlighted by Bryce Butler 🎥)

Hoop Herald

74,025 次观看 • 5 个月前

I spent months building a code editor and the feature people are most excited about is... copying images to the clipboard ⌘⌥C your code. Paste a masterpiece. Your Keynote will never look the same.
0:20

I spent months building a code editor and the feature people are most excited about is... copying images to the clipboard ⌘⌥C your code. Paste a masterpiece. Your Keynote will never look the same.

Marcin Krzyzanowski

29,669 次观看 • 6 个月前

I put Gemini 2.0 inside a desktop app and gave it access to my screen, terminal, clipboard, and the internet:
3:22

I put Gemini 2.0 inside a desktop app and gave it access to my screen, terminal, clipboard, and the internet:

Charlie Holtz

457,239 次观看 • 1 年前

If you're looking to run #TaskmasterClub at your school this year, the latest series is now live at The 'Clipboard' series, features a special rap-themed episode with MC Grammar joining Alex in the lab to set the tasks. #Taskmaster #MCGrammar #AlexHorne
0:29

If you're looking to run #TaskmasterClub at your school this year, the latest series is now live at The 'Clipboard' series, features a special rap-themed episode with MC Grammar joining Alex in the lab to set the tasks. #Taskmaster #MCGrammar #AlexHorne

Taskmaster Education

35,748 次观看 • 10 个月前

Imagine copying your wallet address to send crypto… But when you paste it, a hacker’s address appears instead. 😳 That’s called Clipboard Hijacking, and it has cost people MILLIONS. 🎉 Day 30 of the 30 Days of Crypto & Web3 Series! 🎉 💡 Topic: Clipboard Hijacking & Malware — How to Avoid Losing Your Crypto 🛑💻 In today’s practical video, I’ll show you: 🔹 How clipboard hijacking works 🔹 The malware tricks hackers use 🔹 Simple steps to protect your wallets & transactions ⚠️ Don’t let small mistakes wipe out your entire portfolio. 🎥 Watch today’s final video. 📲 Share this with every crypto user you know. 💬 Comment below if you’ve learned something valuable from this 30-day journey.
6:17

Imagine copying your wallet address to send crypto… But when you paste it, a hacker’s address appears instead. 😳 That’s called Clipboard Hijacking, and it has cost people MILLIONS. 🎉 Day 30 of the 30 Days of Crypto & Web3 Series! 🎉 💡 Topic: Clipboard Hijacking & Malware — How to Avoid Losing Your Crypto 🛑💻 In today’s practical video, I’ll show you: 🔹 How clipboard hijacking works 🔹 The malware tricks hackers use 🔹 Simple steps to protect your wallets & transactions ⚠️ Don’t let small mistakes wipe out your entire portfolio. 🎥 Watch today’s final video. 📲 Share this with every crypto user you know. 💬 Comment below if you’ve learned something valuable from this 30-day journey.

Chris Ani

12,570 次观看 • 10 个月前

I've added a function to propagate a gradient across the mesh (it follows the curvature of the hair), and then copy that gradient to the Windows clipboard as a transparent picture, for use as a selection mask in the image editor
0:57

I've added a function to propagate a gradient across the mesh (it follows the curvature of the hair), and then copy that gradient to the Windows clipboard as a transparent picture, for use as a selection mask in the image editor

Haï~

13,261 次观看 • 1 年前

look at the clipboard i’m begging u
1:01

look at the clipboard i’m begging u

LakeShowYo

5,605,427 次观看 • 2 年前

🚨 BREAKING: President Trump just launched a stunning new plan to allow American patients to send their RECORDS from one doctor to another electronically..."even if they're on different networks." No more going to a new doctor and spending forever filling out new forms. "K*ll the Clipboard." This is an absolutely enormous quality of life improvement that will impact MILLIONS of people. Don't let the Dems sweep this under the rug.
2:01

🚨 BREAKING: President Trump just launched a stunning new plan to allow American patients to send their RECORDS from one doctor to another electronically..."even if they're on different networks." No more going to a new doctor and spending forever filling out new forms. "K*ll the Clipboard." This is an absolutely enormous quality of life improvement that will impact MILLIONS of people. Don't let the Dems sweep this under the rug.

Eric Daugherty

3,605,234 次观看 • 11 个月前

Our “why” is to play for and inspire the next generation to achieve greatness. Happy #InternationalWomensDay to the incredible women who lace up the skates, throw on the stripes, pick up the clipboard, or support from behind the glass!
1:22

Our “why” is to play for and inspire the next generation to achieve greatness. Happy #InternationalWomensDay to the incredible women who lace up the skates, throw on the stripes, pick up the clipboard, or support from behind the glass!

USA Hockey

29,865 次观看 • 3 年前

I've added a function to copy selected UV islands to the Windows clipboard as a transparent picture, for use as a selection mask in Photoshop (still need to figure out UV margins)
0:34

I've added a function to copy selected UV islands to the Windows clipboard as a transparent picture, for use as a selection mask in Photoshop (still need to figure out UV margins)

Haï~

118,477 次观看 • 1 年前

Rep. Roy on House floor: "Even if the House Republicans are successful in working with the President and the Senate to achieve the one and a half to $2 trillion in spending restraint over the 10 year budget window, which is a mere $150 to $200 billion a year, even if we're successful, we're going to massively increase the debt in the United States all the way to well over, pushing $50 trillion by the end of this budget window. If we fail, if we fail, then that will go up a little higher. We have an obligation to do better. Everything we're fighting for right now in the house is for crumbs."
0:48

Rep. Roy on House floor: "Even if the House Republicans are successful in working with the President and the Senate to achieve the one and a half to $2 trillion in spending restraint over the 10 year budget window, which is a mere $150 to $200 billion a year, even if we're successful, we're going to massively increase the debt in the United States all the way to well over, pushing $50 trillion by the end of this budget window. If we fail, if we fail, then that will go up a little higher. We have an obligation to do better. Everything we're fighting for right now in the house is for crumbs."

Rep. Chip Roy Press Office

54,840 次观看 • 1 年前

HII my current access to my house is TERRIBLE, By helping on this goal you, we can do the request to fix the access :') The money that I need its 2.000, but I think that I can get the other 1K
1:50

HII my current access to my house is TERRIBLE, By helping on this goal you, we can do the request to fix the access :') The money that I need its 2.000, but I think that I can get the other 1K

Fixy Cookies ‼️

66,368 次观看 • 2 年前

i made a tool that makes outreach 10x faster for any consumer app. all I need to do is scroll TikTok and find influencers that match my criteria. the tool: - updates a CRM with the creator's details (links, follower counts, engagement rate) - sends them a personalized email - creates a personalized DM and copies it to my phone clipboard - redirects me to their IG profile so I can paste the DM. outreach to influencers is the biggest bottleneck for getting an app off the ground. Many founders send 20-35 dms/emails a day and call it. i send out 150 emails and DMS yesterday. rt + dm if you want access (i'll deadass share it not some bs)
0:45

i made a tool that makes outreach 10x faster for any consumer app. all I need to do is scroll TikTok and find influencers that match my criteria. the tool: - updates a CRM with the creator's details (links, follower counts, engagement rate) - sends them a personalized email - creates a personalized DM and copies it to my phone clipboard - redirects me to their IG profile so I can paste the DM. outreach to influencers is the biggest bottleneck for getting an app off the ground. Many founders send 20-35 dms/emails a day and call it. i send out 150 emails and DMS yesterday. rt + dm if you want access (i'll deadass share it not some bs)

abhay

40,895 次观看 • 9 个月前

Most developers can't explain how Single Sign-On (SSO) works. ​ This was one of my favorite questions during technical interviews. I love to ask about it because it's not a trivial topic. ​ Here is a 5-minute overview of how Single Sign-On works. ​ We all hate passwords; the less we use them, the better, and SSO helps with that. ​ When you log in to Google once and visit YouTube, Gmail, Drive, and any other connected service without re-entering your password, three players are working behind the scenes: ​ • A user trying to access an application. You, in this case. • The application you want to access. For example, YouTube. • An Identity Provider (IDP) that will verify your identity. Google, in this case. ​ Here is what happens when you try to access one application for the first time: ​ 1. You try to log in to YouTube, and the application redirects you to the Identity Provider (IDP) for authentication. ​ 2. The IDP (Google) checks your credentials and confirms your identity. It creates a new session for you on its server and sets a session cookie in your browser. ​ 3. The IDP also creates a token for YouTube—a small piece of data that contains information about your identity. ​ 4. Your browser grabs the token and presents it to YouTube. ​ 5. YouTube checks the token, and if it is valid, lets you in. ​ But then you want to access Google Drive: ​ 1. You go to Google Drive, and the application redirects you to the IDP. ​ 2. The IDP recognizes that you are still logged in because you have the session cookie. It doesn't need to ask for your credentials. ​ 3. Instead, the IDP generates a new token for Drive. ​ 4. Your browser grabs the token and presents it to Google Drive. If the token is valid, Drive lets you in. ​ You can now access multiple applications without re-entering your password. This is probably one of the best things we've invented since sliced bread! ​ But, of course, implementing Single Sign-On is a nightmare! If you are a developer, don't try to reinvent the wheel. I've been implementing SSO since dinosaurs were around, and I can tell you you want to check out Auth0. ​ Auth0 makes implementing SSO 100x easier. They just updated their free plan, and you get a lot without having to pay a single cent. 25,000 monthly active users, unlimited social connections, and you can go to production with custom domains. FOR FREE! ​ They are sponsoring this post. To save your time, keep your sanity, and have a really solid and secure solution, head over to their website: ​
4:57

Most developers can't explain how Single Sign-On (SSO) works. ​ This was one of my favorite questions during technical interviews. I love to ask about it because it's not a trivial topic. ​ Here is a 5-minute overview of how Single Sign-On works. ​ We all hate passwords; the less we use them, the better, and SSO helps with that. ​ When you log in to Google once and visit YouTube, Gmail, Drive, and any other connected service without re-entering your password, three players are working behind the scenes: ​ • A user trying to access an application. You, in this case. • The application you want to access. For example, YouTube. • An Identity Provider (IDP) that will verify your identity. Google, in this case. ​ Here is what happens when you try to access one application for the first time: ​ 1. You try to log in to YouTube, and the application redirects you to the Identity Provider (IDP) for authentication. ​ 2. The IDP (Google) checks your credentials and confirms your identity. It creates a new session for you on its server and sets a session cookie in your browser. ​ 3. The IDP also creates a token for YouTube—a small piece of data that contains information about your identity. ​ 4. Your browser grabs the token and presents it to YouTube. ​ 5. YouTube checks the token, and if it is valid, lets you in. ​ But then you want to access Google Drive: ​ 1. You go to Google Drive, and the application redirects you to the IDP. ​ 2. The IDP recognizes that you are still logged in because you have the session cookie. It doesn't need to ask for your credentials. ​ 3. Instead, the IDP generates a new token for Drive. ​ 4. Your browser grabs the token and presents it to Google Drive. If the token is valid, Drive lets you in. ​ You can now access multiple applications without re-entering your password. This is probably one of the best things we've invented since sliced bread! ​ But, of course, implementing Single Sign-On is a nightmare! If you are a developer, don't try to reinvent the wheel. I've been implementing SSO since dinosaurs were around, and I can tell you you want to check out Auth0. ​ Auth0 makes implementing SSO 100x easier. They just updated their free plan, and you get a lot without having to pay a single cent. 25,000 monthly active users, unlimited social connections, and you can go to production with custom domains. FOR FREE! ​ They are sponsoring this post. To save your time, keep your sanity, and have a really solid and secure solution, head over to their website: ​

Santiago

204,826 次观看 • 1 年前

🇨🇳MIT PROFESSOR: “BEIJING’S NEW RARE EARTH RULES THREATEN GLOBAL TECH SUPPLY” “The official rationale is that it is not an export ban. It is a form of export control, which is that those who use the rare earth processed in China are required to submit applications for using the rare earth process in China. That may be a distinction without a difference, but the Ministry of Commerce later on clarified their position. If fully implemented, this is going to send shockwaves globally because every electronic production uses rare earth. They set the threshold so low that virtually it means that everybody has to submit an application in order to use the Chinese processed rare earth."
3:14

🇨🇳MIT PROFESSOR: “BEIJING’S NEW RARE EARTH RULES THREATEN GLOBAL TECH SUPPLY” “The official rationale is that it is not an export ban. It is a form of export control, which is that those who use the rare earth processed in China are required to submit applications for using the rare earth process in China. That may be a distinction without a difference, but the Ministry of Commerce later on clarified their position. If fully implemented, this is going to send shockwaves globally because every electronic production uses rare earth. They set the threshold so low that virtually it means that everybody has to submit an application in order to use the Chinese processed rare earth."

Mario Nawfal

29,953 次观看 • 8 个月前

I just released a handy little chrome extension 'clipmd' that lets you click on any element in a web page, and puts in the clipboard that element converted to markdown (ctrl-shift-m), or a screenshot of it (ctrl-shift-s). Handy for LLMs! 😊
0:22

I just released a handy little chrome extension 'clipmd' that lets you click on any element in a web page, and puts in the clipboard that element converted to markdown (ctrl-shift-m), or a screenshot of it (ctrl-shift-s). Handy for LLMs! 😊

Jeremy Howard

88,028 次观看 • 6 个月前

You can see from the nuance that Zuck thinks we are in an AI CapEx bubble. But since this is a race & $META is one of the most financially stable ones in this race, they are willing to push the race further for competitors to fail, even if it means $META overspend a few $100B.
1:43

You can see from the nuance that Zuck thinks we are in an AI CapEx bubble. But since this is a race & $META is one of the most financially stable ones in this race, they are willing to push the race further for competitors to fail, even if it means $META overspend a few $100B.

Rihard Jarc

354,459 次观看 • 9 个月前

Words are words. Violence is violence. Conflating the two, licences the idea that real violence is a legitimate response to free speech. If there has been a rise in hate in Canada, it is not because we fail to police speech. It is because we fail to police actions.
1:38

Words are words. Violence is violence. Conflating the two, licences the idea that real violence is a legitimate response to free speech. If there has been a rise in hate in Canada, it is not because we fail to police speech. It is because we fail to police actions.

Shuv Majumdar

47,388 次观看 • 8 个月前