Joe Lucas
@hackthis.ai
AI Security @ NVIDIA
OSS Security @ Project Jupyter and NumFOCUS
https://developer.nvidia.com/blog/author/jolucas/
OSS Security @ Project Jupyter and NumFOCUS
https://developer.nvidia.com/blog/author/jolucas/
Reposted by Joe Lucas
TIL Claude's new code interpreter mode has a /mnt/skills/public/ folder full of prompt instructions and Python utilities for creating and manipulating pdf, docx, pptx, xlsx files - and you can ask Claude for a copy and learn a TON about working with those formats […]
Original post on fedi.simonwillison.net
fedi.simonwillison.net
October 11, 2025 at 12:01 AM
TIL Claude's new code interpreter mode has a /mnt/skills/public/ folder full of prompt instructions and Python utilities for creating and manipulating pdf, docx, pptx, xlsx files - and you can ask Claude for a copy and learn a TON about working with those formats […]
Reposted by Joe Lucas
Seriously though, I would totally take on a motivated high school student who wanted to do math and software.
Bring back apprenticeships
obviously actual domain knowledge isn't going anywhere so it seems like the gap between more experienced and less experienced developers will widen? with less knowledge transfer and incentives to learn. i've learned a lot from conversations i'm no longer observing
August 9, 2025 at 11:32 PM
Seriously though, I would totally take on a motivated high school student who wanted to do math and software.
Reposted by Joe Lucas
AWS security bulletin: aws.amazon.com/security/sec...
"This issue did not affect any production services or end-users."
Weird how customer logs show the wiper prompt executing.
Anyone else see "clean a system to a near-factory state" in your logs?
"This issue did not affect any production services or end-users."
Weird how customer logs show the wiper prompt executing.
Anyone else see "clean a system to a near-factory state" in your logs?
July 24, 2025 at 2:01 AM
AWS security bulletin: aws.amazon.com/security/sec...
"This issue did not affect any production services or end-users."
Weird how customer logs show the wiper prompt executing.
Anyone else see "clean a system to a near-factory state" in your logs?
"This issue did not affect any production services or end-users."
Weird how customer logs show the wiper prompt executing.
Anyone else see "clean a system to a near-factory state" in your logs?
“hooks are user-defined shell commands that execute at various points in Claude Code’s lifecycle.”
“Hooks execute shell commands with your full user permissions without confirmation.”
docs.anthropic.com/en/docs/clau...
“Hooks execute shell commands with your full user permissions without confirmation.”
docs.anthropic.com/en/docs/clau...
Hooks - Anthropic
Customize and extend Claude Code's behavior by registering shell commands
docs.anthropic.com
July 1, 2025 at 12:21 AM
“hooks are user-defined shell commands that execute at various points in Claude Code’s lifecycle.”
“Hooks execute shell commands with your full user permissions without confirmation.”
docs.anthropic.com/en/docs/clau...
“Hooks execute shell commands with your full user permissions without confirmation.”
docs.anthropic.com/en/docs/clau...
Reposted by Joe Lucas
🚨 Challenge Spotlight: AIS Sudden Death ⚓
At DEFCON 33’s Maritime Hacking Village, satellite comms are down, and spoofed AIS signals are your only clue. One ship is real. One’s a trap. Choose right or sink trying.
5 rounds. Zero forgiveness. Can you spot the spoof?
@defcon.bsky.social #CTF #AIS
At DEFCON 33’s Maritime Hacking Village, satellite comms are down, and spoofed AIS signals are your only clue. One ship is real. One’s a trap. Choose right or sink trying.
5 rounds. Zero forgiveness. Can you spot the spoof?
@defcon.bsky.social #CTF #AIS
June 26, 2025 at 1:55 PM
🚨 Challenge Spotlight: AIS Sudden Death ⚓
At DEFCON 33’s Maritime Hacking Village, satellite comms are down, and spoofed AIS signals are your only clue. One ship is real. One’s a trap. Choose right or sink trying.
5 rounds. Zero forgiveness. Can you spot the spoof?
@defcon.bsky.social #CTF #AIS
At DEFCON 33’s Maritime Hacking Village, satellite comms are down, and spoofed AIS signals are your only clue. One ship is real. One’s a trap. Choose right or sink trying.
5 rounds. Zero forgiveness. Can you spot the spoof?
@defcon.bsky.social #CTF #AIS
Reposted by Joe Lucas
Small but important feature I just noticed: Gemini can now load provided URLs into context
May 29, 2025 at 6:33 PM
Small but important feature I just noticed: Gemini can now load provided URLs into context
Reposted by Joe Lucas
If you're interested in the security of agentic systems, you're not going to want to miss this talk. @beccalunch.bsky.social will present NVIDIA AI Red Team findings in real world agentic systems, and I'll talk about how the AI Security team helps mitigate them.
www.blackhat.com/us-25/briefi...
www.blackhat.com/us-25/briefi...
Black Hat
Black Hat
www.blackhat.com
May 19, 2025 at 8:56 PM
If you're interested in the security of agentic systems, you're not going to want to miss this talk. @beccalunch.bsky.social will present NVIDIA AI Red Team findings in real world agentic systems, and I'll talk about how the AI Security team helps mitigate them.
www.blackhat.com/us-25/briefi...
www.blackhat.com/us-25/briefi...
Everyone’s looking at jailbreaks. We wanted to look deeper and noticed a cool side channel in a popular inference optimization technique.
Latest from the NVIDIA AI Red Team: developer.nvidia.com/blog/structu...
Latest from the NVIDIA AI Red Team: developer.nvidia.com/blog/structu...
Structuring Applications to Secure the KV Cache | NVIDIA Technical Blog
When interacting with transformer-based models like large language models (LLMs) and vision-language models (VLMs), the structure of the input shapes the model’s output. But prompts are often more…
developer.nvidia.com
April 30, 2025 at 11:24 AM
Everyone’s looking at jailbreaks. We wanted to look deeper and noticed a cool side channel in a popular inference optimization technique.
Latest from the NVIDIA AI Red Team: developer.nvidia.com/blog/structu...
Latest from the NVIDIA AI Red Team: developer.nvidia.com/blog/structu...
Reposted by Joe Lucas
What's your take on the growing dominance of automated attacks and the implications for AI red teams? Here's ours— based on our analysis of 30 LLM challenges, attempted by 1,674 unique Crucible users, across 214,271 attack attempts: arxiv.org/abs/2504.19855
April 29, 2025 at 4:15 PM
What's your take on the growing dominance of automated attacks and the implications for AI red teams? Here's ours— based on our analysis of 30 LLM challenges, attempted by 1,674 unique Crucible users, across 214,271 attack attempts: arxiv.org/abs/2504.19855
@nilslice.bsky.social for devs just getting excited about wasm, what resources would you recommend they study/explore?
Is it worth learning internals or just consuming it as a compilation target? Are there ecosystem things to explore to become a power user?
Is it worth learning internals or just consuming it as a compilation target? Are there ecosystem things to explore to become a power user?
April 12, 2025 at 11:04 PM
@nilslice.bsky.social for devs just getting excited about wasm, what resources would you recommend they study/explore?
Is it worth learning internals or just consuming it as a compilation target? Are there ecosystem things to explore to become a power user?
Is it worth learning internals or just consuming it as a compilation target? Are there ecosystem things to explore to become a power user?
Reposted by Joe Lucas
One of my teams at Google, 𝗔𝗜 𝗔𝗴𝗲𝗻𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆, is expanding in 𝗭𝘂𝗿𝗶𝗰𝗵 🇨🇭and 𝗡𝗲𝘄 𝗬𝗼𝗿𝗸 🇺🇸. We're looking for 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝘀 with experience in attacking and securing AI/ML systems. DMs open.
April 9, 2025 at 6:45 PM
One of my teams at Google, 𝗔𝗜 𝗔𝗴𝗲𝗻𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆, is expanding in 𝗭𝘂𝗿𝗶𝗰𝗵 🇨🇭and 𝗡𝗲𝘄 𝗬𝗼𝗿𝗸 🇺🇸. We're looking for 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝘀 with experience in attacking and securing AI/ML systems. DMs open.
Reposted by Joe Lucas
We're hosting select cybersecurity researchers right after RSAC '25 to share breakthroughs and insights into AI's applications for security. We're at capacity but if interested, submit your name to be considered, space permitting. docs.google.com/forms/d/e/1F...
OpenAI Security Research Conference
Please use this form to be added to the waitlist for the OpenAI Security Research Conference. Tickets are limited.
docs.google.com
April 7, 2025 at 11:32 PM
We're hosting select cybersecurity researchers right after RSAC '25 to share breakthroughs and insights into AI's applications for security. We're at capacity but if interested, submit your name to be considered, space permitting. docs.google.com/forms/d/e/1F...
Lessons from CVE-2025-29783:
1) AI attack surface continues to expand with new features and infra
2) pickle is used in ML for more than models
3) dev moves fast; establish standards early to prevent security tech debt
4) traditional appsec tooling is still 🔥 (found w/ @semgrep.bsky.social)
1) AI attack surface continues to expand with new features and infra
2) pickle is used in ML for more than models
3) dev moves fast; establish standards early to prevent security tech debt
4) traditional appsec tooling is still 🔥 (found w/ @semgrep.bsky.social)
March 23, 2025 at 1:33 AM
Lessons from CVE-2025-29783:
1) AI attack surface continues to expand with new features and infra
2) pickle is used in ML for more than models
3) dev moves fast; establish standards early to prevent security tech debt
4) traditional appsec tooling is still 🔥 (found w/ @semgrep.bsky.social)
1) AI attack surface continues to expand with new features and infra
2) pickle is used in ML for more than models
3) dev moves fast; establish standards early to prevent security tech debt
4) traditional appsec tooling is still 🔥 (found w/ @semgrep.bsky.social)
French government mad lads. Open sourcing a tool 👍
Using a static set of creds for people to demo collaborative editing 🤪
github.com/suitenumeriq...
impress-preprod.beta.numerique.gouv.fr/docs/0aa856e...
Using a static set of creds for people to demo collaborative editing 🤪
github.com/suitenumeriq...
impress-preprod.beta.numerique.gouv.fr/docs/0aa856e...
March 16, 2025 at 6:34 PM
French government mad lads. Open sourcing a tool 👍
Using a static set of creds for people to demo collaborative editing 🤪
github.com/suitenumeriq...
impress-preprod.beta.numerique.gouv.fr/docs/0aa856e...
Using a static set of creds for people to demo collaborative editing 🤪
github.com/suitenumeriq...
impress-preprod.beta.numerique.gouv.fr/docs/0aa856e...
Cool talk from Jonathan Birch on serialization mutation vulns: youtu.be/cD3FiTQ5Lhk
Second Breakfast: Implicit and Mutation-Based Serialization Vulnerabilities in .NET - Jonathan Birch
YouTube video by NDC Conferences
youtu.be
March 14, 2025 at 11:49 AM
Cool talk from Jonathan Birch on serialization mutation vulns: youtu.be/cD3FiTQ5Lhk
Has anyone found a prompt catalog/fetcher that they like for team collaboration? (“has anyone else built a useful prompt for X task?”)
March 13, 2025 at 12:52 PM
Has anyone found a prompt catalog/fetcher that they like for team collaboration? (“has anyone else built a useful prompt for X task?”)
Reposted by Joe Lucas
Do people still like discord ? Should we set up an openai security chat on the openai discord server ?
March 6, 2025 at 2:35 PM
Do people still like discord ? Should we set up an openai security chat on the openai discord server ?
Reposted by Joe Lucas
🌼 🤖 🌺 💻 🌷
Spring's almost here, hackers!
Get your projects out of hibernation and submit to the 2025 HushCon NYC CFP. Con is just around the corner June 13th and 14th.
Spring's almost here, hackers!
Get your projects out of hibernation and submit to the 2025 HushCon NYC CFP. Con is just around the corner June 13th and 14th.
March 5, 2025 at 10:03 PM
🌼 🤖 🌺 💻 🌷
Spring's almost here, hackers!
Get your projects out of hibernation and submit to the 2025 HushCon NYC CFP. Con is just around the corner June 13th and 14th.
Spring's almost here, hackers!
Get your projects out of hibernation and submit to the 2025 HushCon NYC CFP. Con is just around the corner June 13th and 14th.
Reposted by Joe Lucas
NeurIPS main track CFP is open. I'm a co-chair for the Datasets & Benchmarks track this year--stay tuned for more details coming soon! neurips.cc/Conferences/...
NeurIPS 2025 Call for Papers
neurips.cc
February 24, 2025 at 10:14 PM
NeurIPS main track CFP is open. I'm a co-chair for the Datasets & Benchmarks track this year--stay tuned for more details coming soon! neurips.cc/Conferences/...
With all of these SaaS built on AI endpoints, it'll be interesting to see if we have to relearn some painful lessons about versioning. System prompts will evolve and it seems unlikely that providers will want to continue allocating compute for previous generations of models.
February 18, 2025 at 6:50 PM
With all of these SaaS built on AI endpoints, it'll be interesting to see if we have to relearn some painful lessons about versioning. System prompts will evolve and it seems unlikely that providers will want to continue allocating compute for previous generations of models.