AI Found Twelve New Vulnerabilities in OpenSSL
The title of the post is”What AI Security Research Looks Like When It Works,” and I agree: In the latest…
Security
From Shadow APIs to Shadow AI: How the API Threat Model Is Expanding Faster Than Most Defenses
The shadow technology problem is getting worse. Over the past few years, organizations have scaled microservices, cloud-native apps, and partner…
Inside Modern API Attacks: What We Learn from the 2026 API ThreatStats Report
API security has been a growing concern for years. However, while it was always seen as important, it often came…
Google Addresses Actively Exploited Chrome Vulnerability CVE-2026-2441
The discovery of CVE-2026-2441 reveals a critical zero-day vulnerability in Google Chrome that is actively being exploited in the wild.…
Side-Channel Attacks Against LLMs
Here are three papers describing different side-channel attacks against LLMs. “Remote Timing Attacks on Efficient Language Model Inference“: Abstract: Scaling…
The Promptware Kill Chain
Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks…
Friday Squid Blogging: Do Squid Dream?
An exploration of the interesting question.
10 Cost-Saving Tips to Buy SSL Certificates at the Best Price
Every website need SSL certificate that handles forms, logins, payments, or user data. If encryption is not enabled, browsers block…
3D Printer Surveillance
New York is contemplating a bill that adds surveillance to 3D printers: New York’s 20262027 executive budget bill (S.9005 /…
7,000 Servers and Counting: The Rise of the SSHStalker Linux Botnet
Cybercriminal groups and opportunistic botnet operators continue to shift toward scale-first, persistence-driven operations that rely heavily on misconfigurations, weak authentication,…