Home » Archive for May 2026

Prompt Injection: Attack against LLM

- Posted in Threat Analyze by
Prompt Injection: Attack against LLM
Background: Prompt injection is one of the most well-known attacks against LLMs. The primary goal of a threat actor in such attacks is to extract secrets and other sensitive data from the environment [...] Read more

Data Poisoning Attacks on LLM leveraged Product Support Bots: Attack, Risk, Prevention

- Posted in Threat Analyze by
Data Poisoning Attacks on LLM leveraged Product Support Bots: Attack, Risk, Prevention
Background: Because industry started leveraging AI capabilities for routine cases like general customer support, a new threat has emerged: data poisoning. Core attack category: Based on MITRE ATLAS, [...] Read more

Malicious Use of Ansible by Threat Actors

- Posted in Hardenings by
Malicious Use of Ansible by Threat Actors
Background: Ansible is a legitimate tool used by specialists to manage environments at scale. However, threat actors can also abuse this tool to deploy malicious payloads or establish persistence. [...] Read more

Morse Code and the Failure of Text-Based Detection

- Posted in Leak by
Morse Code and the Failure of Text-Based Detection
Background: Sometimes, in alert detection engineering, we can rely on plain-text detection, and even IDS rules can fail during body analysis. Attackers may achieve this by using more exotic methods [...] Read more

Kubernetes Forensics: Secret Rotation from Ruin to Recovery

- Posted in Incident Response by
Kubernetes Forensics: Secret Rotation from Ruin to Recovery
Background: In this section, we will discuss specific actions during evidence collection, log analysis, and recovery for situations where it is necessary to determine if unencrypted secrets or [...] Read more