Security

Discover the latest news, reviews, and best practices in information security. Stay updated on cybersecurity threats, protection strategies, and innovations in safeguarding data

Alive Photos: Creating a Private Steganographic Audio Player with Python and PyQt6

Hello, tekkix!

Debugging with “Tetris”: A step-by-step guide to creating and hiding the classic game in your project

Hello, tekkix! Every developer reaches a point in a serious project when they want to take a break and write something just for fun. Something simple, classic, and yet…

Balancing on the Edge: How to Implement Differential Privacy in Analytical Pipelines in Python

17:56
13.06.9166

In this article, I will explain how to add Differential Privacy mechanisms to your ETL and analytical pipelines in Python to protect user data while maintaining the quality…

What remains after us online — and how to deal with it

My friend passed away recently.

AI attacks, AI defends: how to use neural networks in information security

Hello! We share with you the material prepared by Roman Strelnikov — head of the information security department at Bitrix24. Roman is the person who controls everything…

Analysis of CVE-2025-27736 vulnerability in Power Dependency Coordinator

17:52
13.06.7638

This article is dedicated to the bug in Power Dependency Coordinator, patched by Microsoft in April of this year.

Fortress under surveillance: installing Maltrail to catch "spies"

17:52
13.06.6920

Hello, tekkix!

Here's the translated text you requested: How I made friends with Yandex Cloud and Gemini API without migrating to foreign servers

17:52
13.06.1992

When I started writing the Node.js service that was supposed to integrate with the LLM model, I already understood that access to some foreign APIs from Russia could…

Kristina Svechinskaya: How a Young Russian Woman Became a Star of the Cybercriminal World

If you enter the phrase "most famous female hackers" into any foreign search engine, the impartial search engine will instantly generate a list, with Kristina Svechinskaya…

Frontend Risks #1: Bitrix CMS sends your clients' data to Ireland

As a result of my security research of 3,000 Russian frontend applications, it was discovered that Bitrix CMS has been transmitting website visitors' personal data to…

When Language Models Turn Against You: A Study of Backdoors in LLM

Imagine you're running a call center and decide to implement an open LLM for automating communication. Everything works great—until a scammer whispers a strange phrase,…

Hydroph0bia — from bypassing SecureBoot to modifying the DXE volume in Insyde H2O UEFI-compatible firmware

Hello, reader. In front of you is the second article about a serious vulnerability I found in UEFI-compatible firmware based on the Insyde H2O platform, which I named…

Electronic signature leak: how to lose property, money, and a company

Electronic signatures have long been an integral part of corporate processes. They are used to sign crucial documents, confirm transactions, and conduct financial operations.…

A hole in Cloudflare’s shield: how the attack on Jabber.ru exposed a problem no one has talked about since 2023

17:50
13.06.9865

Many remember the year-before-last incident with the Man-in-the-Middle attack on the XMPP service jabber.ru. This story caused a lot of noise, but I think the main point…

No security exists: how the NSA hacks your secrets

17:50
13.06.9461

Finite fields, hash mincers, covert radio channels, and trojans soldered into silicon. While we pride ourselves on AES-256 locks, intelligence agencies seek workarounds:…

Zerotrust the Streetwise Way #3. Endpoint Protection

Security

Discover the latest news, reviews, and best practices in information security. Stay updated on cybersecurity threats, protection strategies, and innovations in safeguarding data

Alive Photos: Creating a Private Steganographic Audio Player with Python and PyQt6

Debugging with “Tetris”: A step-by-step guide to creating and hiding the classic game in your project

Balancing on the Edge: How to Implement Differential Privacy in Analytical Pipelines in Python

What remains after us online — and how to deal with it

AI attacks, AI defends: how to use neural networks in information security

Analysis of CVE-2025-27736 vulnerability in Power Dependency Coordinator

Fortress under surveillance: installing Maltrail to catch "spies"

Here's the translated text you requested: How I made friends with Yandex Cloud and Gemini API without migrating to foreign servers

Kristina Svechinskaya: How a Young Russian Woman Became a Star of the Cybercriminal World

Frontend Risks #1: Bitrix CMS sends your clients' data to Ireland

When Language Models Turn Against You: A Study of Backdoors in LLM

Hydroph0bia — from bypassing SecureBoot to modifying the DXE volume in Insyde H2O UEFI-compatible firmware

Electronic signature leak: how to lose property, money, and a company

A hole in Cloudflare’s shield: how the attack on Jabber.ru exposed a problem no one has talked about since 2023

No security exists: how the NSA hacks your secrets

Zerotrust the Streetwise Way #3. Endpoint Protection

How HTTP is Used for DNS: DNS-over-HTTPS in Practice

How a Designer’s Stolen Passwords Nearly Tanked a Startup [MITRE: T1078 — Valid Accounts]

Also read

AI Integrator: a profession not found in textbooks — I built it myself on n8n

How many people are needed to develop a web product in 2026: breakdown of a viable team composition

Threat modeling for those with paws

OpenBSD 7.9: Wi-Fi 6, USB4 and 255 Core Support. Key OS Changes