Embrace The Red
Copirate 365 Demos (2/3): Hacking M365 Copilot Memories
3:58
Hacking Consumer Copilot Demo: Memory Modification and Exfiltration. POC - Fixed.
1:58
Copirate 365 Demos (3/3): Persistent Data Exfiltration POC (CVE-2026-24299)
2:10
Copirate 365 Demos (1/3): Data Exfiltration via Copilot in Word and Excel (CVE-2026-24299)
3:54
Breaking Claude Opus 4.7 with ChatGPT (Hacking Claude's Memory)
4:56
Agent Commander: Promptware Powered C2. Your Agent Works For Me Now (OpenClaw, Kimi Claw, NanoClaw)
22:09
Moltbook for Humans: Agents, Humans, Bots and Verification Limits
5:44
Scary Agent Skills: Hidden Unicode Backdoors in AI Agent Skills! ...And How To Catch Them
2:52
Minting Next.js Authentication Cookies (Next Auth Post Exploitation)
8:26
Agentic ProbLLMs: Exploiting AI Computer-Use and Coding Agents (39c3)
58:52
From SpAIware to the Terminal DiLLMa - Prompt Injection Exploits And Fixes! (NahamCon May 2025)
44:59
Antigravity Grounded! Exploring Security Vulnerabilities in Google's Latest IDE
18:21
Claude Pirate! Data Exfiltration with Anthropic APIs and Prompt Injection
11:17
Cross-Agent Privilege Escalations: When Agents Free Each Other
7:06
Terminal DiLLMa #2: LLM Apps Secretly Writing to Your Clipboard. This can lead to RCE – Beware!
1:47
AgentHopper: An AI Virus (Proof-of-concept Research Project)
14:51
Windsurf MCP Integration: Missing Security Controls Put Users at Risk
0:49
Cline Agent: Data exfiltrations risks + how to protect yourself (responsibly disclosed to Cline)
2:19
AWS Kiro: Arbitrary Code Execution with Indirect Prompt Injection (now fixed)
12:02
Manus and the AI Kill Chain: How Prompt Injection Hijacks Manus to Expose VS Code Server To Internet
6:24
Episode 19: Amazon Q Developer: Remote Code Execution with Prompt Injection
10:56
Episode 18: Amazon Q Developer - Data Exfiltration via DNS and Prompt Injection
0:52
Episode 12: GitHub Copilot and VS Code - Remote Code Execution (CVE-2025-53773)
7:50
Episode 11: Claude Code - Data Exfiltration with DNS Requests (CVE-2025-55284)
9:11
Episode 5: Amp Code - Arbitrary Command Execution with Prompt Injection Fixed
6:23
Episode 4: Cursor IDE - Arbitrary Data Exfiltration via Mermaid (CVE-2025-54132)
5:21
Episode 3: Anthropic Filesystem MCP Server - Directory Access Bypass via Improper Path Validation
8:44
Episode 2: Turning ChatGPT Codex Into A ZombAI Agent With Prompt Injection
6:04
Episode 1: Exfiltrating ChatGPT Chat History and Memory With Indirect Prompt Injection (now fixed)
7:09
Security Advisory: Anthropic's Slack MCP Server Can Leak Your Data
8:35
AI ClickFix: Hijacking Computer-Use Agents with popular social engineering tricks, like ClickFix.
6:24
How ChatGPT Remembers You: Tutorial and Deep-Dive into Memory and Chat History Features
10:54
Hacking LLM Apps & Agents: Real-World Exploits (Prompt Injection Along the CIA Security Triad)
30:53
Gemini in Google Sheets: Prompt Injection Demo
0:40
ChatGPT Operator: Prompt Injection Exploit Demonstration (Now Mitigated)
2:09
Google Gemini: Hacking Memories with Prompt Injection and Delayed Tool Invocation
2:29
Google AI Studio: Data Exfiltration via Prompt Injection. Quickly Fixed After Responsible Disclosure
5:09
DeepSeek AI: LLM Apps that hack themselves. Finding XSS - The 10x Hacker.
0:34
DeepSeek AI Chat: From Prompt Injection To Account Takeover (responsibly disclosed and now fixed)
6:41
Claude Computer Use: The ZombAIs are coming! From Prompt Injection to Command & Control.
6:55
Spyware Injection Into ChatGPT's Long-Term Memory (SpAIware)
3:09
Microsoft Copilot: From Prompt Injection to Exfiltration of Sensitive Data | Exploit Chain Explained
4:16
Google Colab with Gemini AI - Prompt Injection Pirate Demo (POC)
1:14
GitHub Copilot Chat - From Prompt Injection to Data Exfiltration
0:49
LLM Vulnerability Scanning with garak. Tutorial: Test your own chat bots!
19:14
ChatGPT: Hacking Memories via Images (Prompt Injection to Persistent Memories)
0:52
Backdooring Keras Models and How to Detect It (Machine Learning Attack Series)
9:53
Bobby Tables but with LLMs: Google NotebookLM - Data Exfiltration POC
1:05
ASCII Smuggling: Crafting Invisible Text and Decoding Hidden Secrets -New Threat for LLMs and beyond
7:50
Real-world exploits and mitigations in LLM applications (37c3)
42:35
Hacking Google Bard: Prompt Injection to Data Exfiltration via Image Markdown Rendering (Demo Video)
1:18
Data Exfiltration Vulnerabilities in LLM Applications and Chatbots: Bing Chat, ChatGPT and Claude
9:35
Bing Chat - Data Exfiltration Exploit (responsibly disclosed to Microsoft and now fixed)
1:39
POC - ChatGPT Plugins: Indirect prompt injection leading to data exfiltration via images
1:31
Adversarial Prompting - Tutorial + Lab
20:46
Prompt Injections - An Introduction
14:56
Decrypting SSL/TLS browser traffic with Wireshark (using netsh trace start)
3:47
Simplify your life with ChatGPT API Shell Integration: Yolo your Bash + PowerShell Assistant (GPT-4)
7:35
Grabbing and cracking macOS password hashes (with dscl and hashcat)
5:27
SSH Agent Hijacking - Hacking technique for Linux and macOS explained
7:26
How to extract NTLM Hashes from Wireshark Captures for cracking with Hashcat
5:12
SQL Injection Attacks For Beginners (Basics)
17:52
Server-Side Request Forgery (SSRF) hacking variations you MUST KNOW about!
9:16
Using IP Addresses with Integer Notation (Bug Bounty Tip for Server Side Request Forgery)
0:30
Flipper Zero - Commodore Logo and C64 Cursor Animation
0:11
Dumping cleartext Wi-Fi passwords using netsh in Windows (netsh wlan show profiles)
4:15
Two ChatGPT bots using unofficial API to play Tic-Tac-Toe autonomously against each other
4:00
SameSite Cookies for Everyone - Cross Site Request Forgery Mitigations (follow up)
4:16
ChatGPT - Imagine you are a Microsoft SQL Server database server
7:39
ChatGPT - Commodore 64
0:34
Understanding the basics of Cross-Site Request Forgery attacks
18:45
Pass the Cookies and Pivot to the Clouds
12:16
Flipper Zero - XBox Remote
0:17
Hacking Machine Learning Systems (Red Team Edition) - AI Hacker
59:36
Trailer: Learn how to hack neural networks, so that we don't get stuck in the matrix!
0:32
Awakening Beethoven with Machine Learning
0:31
Performing port-proxying and port-forwarding on Windows
4:31
Image Scaling Attacks are CRAZY!!! Hiding images in plain sight (Machine Learning)
5:46
What is Tabnabbing?
5:00
What is Cross Site Scripting (XSS)?
12:57
Web Application Security Fundamentals (must know basics for developers, testers and hackers)
26:25
How companies are breached: The anatomy of a compromise
6:58