Nice short article on the bobtail squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't ...
This academic year, I am taking a sabbatical from the Kennedy School and Harvard University. (It's not a real sabbatical--I'm just an adjunct--but ...
Think of the Web as a digital territory with its own social contract. In 2014, Tim Berners-Lee called for a "Magna Carta for the Web" to restore th...
Well, this is interesting: > The auction, which will include other items related to cryptology, will be held Nov. 20. RR Auction, the company arra...
In this input integrity attack against an AI system, researchers were able to fool AIOps tools: > AIOps refers to the use of LLM-based agents to g...
A zero-day vulnerability in WinRAR is being exploited by at least two Russian criminal groups: > The vulnerability seemed to have super Windows po...
Researchers have managed to eavesdrop on cell phone voice conversations by using radar to detect vibrations. It's more a proof of concept than anyt...
Here's the story. The commenters on X (formerly Twitter) are unimpressed. As usual, you can also use this squid post to talk about the security st...
Porn sites are hiding code in .svg files: > Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured ...
Here's an interesting story about a failure being introduced by LLM-written code. Specifically, the LLM was doing some code refactoring, and when i...