This is new. North Korean hackers are posing as company recruiters, enticing job candidates to participate in coding challenges. When they run the code they are supposed to work...
Read moreLLMs are bad at generating passwords:
There are strong noticeable patterns among these 50 passwords that can be seen easily:
- All of the passwords start with a letter, usually uppercase... Read more
All it takes to poison AI training data is to create a website:
I spent 20 minutes writing an article on my personal website titled “The best tech...
Read more
Politicians fixate on the global race for technological supremacy between US and China. They debate geopolitical implications of chip exports, latest model releases from each country, and military applications...
Read moreGood article on password managers that secretly have a backdoor.
New research shows that these claims aren’t true in all cases, particularly when account recovery is in place or...
Read more
I like this one. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
Read moreIt’s a demonstration of how toxic the surveillance-tech company Flock has become when Amazon’s Ring cancels the partnership between the two companies. As Hamilton Nolan advises, remove your Ring doorbell.
Read moreSummary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and...
Read more
The title of the post is”What AI Security Research Looks Like When It Works,” and I agree:
In the latest OpenSSL security release> on January 27, 2026, twelve...
Read more
Here are three papers describing different side-channel attacks against LLMs.
“Remote Timing Attacks on Efficient Language Model Inference“:
Abstract: Scaling up language models has significantly increased their capabilities. But larger...
Read more
Recent Comments