Tag: security

Graz University's FROST attack uses JavaScript SSD timing to fingerprint websites and apps. Reconstructing behavioural graphs from side-channel data opens a new dimension in privacy attack analysis.

Microsoft's record 206-CVE Patch Tuesday proves CVSS scores alone cannot prioritise. Knowledge graphs mapping dependency blast radius and reachability are the only scalable defence.

Strategic trends shaping enterprise AI infrastructure in 2026 and beyond, focusing on digital sovereignty, regulatory compliance, and sustainable self-hosted AI deployments.

Microsoft's DELEGATE-52 benchmark proves frontier models corrupt documents beyond 20 interactions. One week later, Google confirmed criminals used AI for a real zero-day exploit. The two findings describe the same gap from opposite ends.

Implement Zero-Trust architecture for self-hosted AI systems. Discover comprehensive authentication patterns, access control strategies, and security implementations that protect enterprise AI workloads without vendor lock-in.

Researchers from Johns Hopkins demonstrated that GitHub PR titles and issue comments can hijack Claude Code, Gemini CLI, and Copilot Agent to steal credentials, all without an external command-and-control server.

Kubescape 4.0 brings eBPF-based runtime threat detection to general availability, adds AI agent security scanning for KAgent workloads, and removes the high-privilege host-sensor DaemonSet entirely.

CVE-2026-33032 exposes how bolting Model Context Protocol endpoints onto existing applications creates dangerous attack surfaces, with 2,600 nginx-ui instances actively exploitable.