
Last month, I discovered something that stopped me cold during a routine penetration test. A developer had spun up an Ollama server to experiment with local AI models. Nothing unusual about that, except the server was publicly accessible with no authentication. The models it hosted had been trained on internal company data. This scenario plays […]
AI agents are moving fast from experimentation to everyday use. Tools like Moltbot promise automation, local control, and flexibility. But recent security findings show how quickly that promise can turn into risk when guardrails are missing. Researchers have uncovered exposed Moltbot instances, leaked credentials, and a malicious VS Code extension masquerading as an official AI […]
A recently discovered security vulnerability, dubbed GoFetch, poses a significant threat to Apple M-series processors. This flaw could be exploited by malicious actors to extract secret encryption keys, potentially compromising sensitive data on affected devices.
Technical Analysis: Microarchitectural Side-Channel Attacks
GoFetch falls under the category of microarchitectural side-channel attacks. These attacks exploit unintended information leakage […]