The Detection & Response Chronicles: Covert Operations Through QEMU
Adversaries have always relied on legitimate tools to carry out their attacks. These tools are already trusted by security solutions, which allows them to blend in with normal activity, maintain a low footprint, and make detection much harder for defenders. By using these legitimate tools, adversaries can carry out a wide range of actions, such…
Securing AI systems without overconfidence or fear – Part 2: Attack surfaces and the checkpoint flow
Part 1 explained how we have to bound behavior instead of asserting exact outputs. This post maps where to place…
Security’s Blind Spot: Physical Keyloggers That Bypass Antivirus Entirely
Keyloggers: A Persistent Threat Nowadays, virtually all digital services rely on logins and authentication, from email inboxes to help desks.…
The Axios npm supply chain incident: fake dependency, real backdoor
On March 31, 2026, two malicious Axios versions (1.14.1 and 0.30.4) were briefly published to npm via a compromised maintainer…
Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism
This is the first of five posts on testing AI systems securely. If you’ve shipped or evaluated AI in production,…
Ivanti EPMM ‘Sleeper Shells’ not so sleepy?
In late January 2026, an advisory covering two remote code execution vulnerabilities (CVE-2026-1281 & CVE-2026-1340) in Ivanti Endpoint Manager Mobile…
Capture the Kerberos Flag: Detecting Kerberos Anomalies
Kerberos is one of the most common protocols in organizations that utilize Windows Active Directory, and an essential part of…
Something went wrong. Please refresh the page and/or try again.