Today a bunch of my open-source projects got slammed by incorrect AI-written vulnerability reports demanding $299 for disclosure

impulse9@chaos.social

@issyl0 @jonty thank you!

spaceinvader@social.securitytheater.net

@jonty Yeah, I wouldn’t pay $299 for something with only a SHA-256 seal! That’s more than $1/bit.

eatyourgreens@mastodon.social

@jonty isn’t extortion a teensy bit illegal in the UK?

luc0x61@mastodon.gamedev.place

@jonty When you have a perfect idiot machine to generate massive scam, why don't?
Here's the real added value of LLMs, where to monetize on.

guillotine_jones@beige.party

@jonty
Who said Ai isn't making money?

n1xnx@tilde.zone

@jonty
Sounds like criminal extortion to me.
Send a C&D letter and f9ile a complaint with the police? Since it's over the wire, that makes it Federal if it's in the US.

nobody@mastodon.acm.org

@jonty
"You're in a desert, Leon, walking along in the sand ..."

tr4nt0r@chaos.social

@jonty more like Veritas scamming engine. Also got an issue yesterday, but it was empty without any details. But I instantly deleted it and blocked the account.

rndanger@infosec.exchange

@eatyourgreens @jonty
Not if you put pressure on the right people

musevg@23.social

@jonty @da_667
So… This is your code? And they created an issue about 2 alleged vulnerabilities and are asking you for $299 to disclose them to you?

xeno@hexokina.se

@jonty@chaos.social this is just a sloppy attempt at automated extortion

(to the creator of this “””tool”””) get fucked mate