Security Week 2623: user tracking via SSD
Researchers from Graz University of Technology in Austria published a scientific paper proposing a method to track user activity through a browser
Researchers from Graz University of Technology in Austria published a scientific paper proposing a method to track user activity through a browser
So here’s a common, overused narrative: greedy corporations invented the protection, and evil hackers cracked it. It’s flashy, dramatic, and of course completely untrue.
Incident investigation is a critically important subprocess of information security incident management, aimed at identifying the primary vector of compromise, minimizing…
I created a custom benchmark to evaluate language models, as standard public tests do not answer my core question: which model performs better at triaging security findings.…
When building a private messenger, sooner or later you run into an uncomfortable question: what exactly protects the user, your promises or your architecture. Promises…
OpenBSD 7.9 was released in May 2026. In the new version, developers updated the task scheduler for hybrid processors, added a deferred hibernation mechanism, refined…
It is widely believed that the modern IT world was built by Gates, Jobs or Torvalds. But without one bearded hacker from MIT who had a bitter falling out with a Xerox…
Hello, tekkix! My name is Sergey Zinovyev, I am an information security business partner at Avito. While some code security scans can be easily automated, vulnerabilities…
We share how we integrated a CodeBERT-based secret classification model into a production product with strict hardware constraints, reducing inference time from 320 to…
Cilium operates at the kernel level in millions of Kubernetes pods, making its build pipeline a high-value target; compromising it could have a SolarWinds-like impact…
It is probably best to start by explaining what a cargo cult is in general. In short: people in fairly primitive societies observed huge aircraft dropping food and ammunition…
My name is Boris Uskov, I head the network analytics team at Garde. Most anomalies we see in a customer's network in the first days after NDR deployment are not attacks…
The ancient Greeks and Romans invented almost everything—from democracy to aqueducts and… steganography, which was discussed in the previous publication.
How routine development of PoC applications for Android led to the creation of a proprietary payload constructor from the idea generation to the emergence of DexRunner…
Top AI models with 95% on SWE-bench show 0% and 3% on ProgramBench benchmark where tasks are specially not overlapping with the training sample.
I’d like to share my open-source tool for finding directories and subdomains, also known as a crawler, with you. I’m not claiming it will revolutionize the crawler space…
JDK 27 will introduce JEP 527: hybrid post-quantum key exchange for TLS 1.3. We break down what changes in JSSE, why X25519MLKEM768 is needed, and what issues may arise…
Disclaimer: the article mentions my own messenger ONEMIX several times. If that triggers you, close this now, I won't be offended. If you're interested in how Meta and…