Posted on Mi, 2026-02-11 in genai • Tagged with security, ai
Anthropic recently published a blogpost detailing how their latest model, Claude Opus 4.6, discovered over 500 zero-day vulnerabilities in open-source software. The news was quickly picked up by outlets like Golem, but I can’t help but feel a sense of déjà vu. This reminds me of headlines from …
Posted on Fr, 2025-11-28 in other • Tagged with security, ai
At my current job, I am consulting customers regarding various security topics. Naturally, GenAI comes up a lot these days, so I did a deep dive into AppSec for GenAI applications. As a result I also wrote to blog posts (in german though) on the topic. Enjoy.
Posted on Di, 2016-04-26 in ctf • Tagged with ctf, losfuzzys, graz
In 2014 some infosec interested students at TU Graz started playing CTFs under the name LosFuzzys. In the last year, thanks to stefan and a couple of other very motivated guys, we managed to get more people interested and the whole thing going. Checkout our site for write-ups and more …
Posted on So, 2014-10-26 in ctf • Tagged with ctf, hacklu, javascript, node.js
OK I have to confess I solved this challenge by pure luck. The setting was that there is a service that allows you to register and the upload files. The uploaded files can be shared by creating a link, which contains a HMAC over the user and the filename. If …
Posted on So, 2014-10-26 in ctf • Tagged with ctf, hacklu, sql, php
This was a fun challenge :) The setting was that the royal bank of Fluxembourg was hacked by Killy the Bit and now they set up a page to reset the user passwords. Because Killy owes us a favor we received the source code for the password resetting page. So the …