Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Security Boulevard

What TikTok’s virtual machine tells us about modern bot defenses

A recent Hacker News post looked at the reverse engineering of TikTok’s JavaScript virtual machine (VM). Many commenters assumed the VM was malicious, designed for invasive tracking or surveillance.
GitHub

reef-pi

After every change published to the main branch, the deb workflow automatically builds and uploads Debian packages as GitHub Actions artifacts. These snapshot builds are available for 30 days.
GitHub

playwright-test-runner

This is a boilerplate/template for a Playwright-Typescript framework for web UI, API, mobile emulation, DB, and visual testing. Docker image, SonarQube, Lighthouse, GitHub Actions setup with Slack ...