Vitaly Simonovich
Security Researcher
Vulnerability Research · Threat Intelligence · AI Security
Senior security researcher working across vulnerability research, threat intelligence, and AI security. I break systems the way real attackers do, from core internet infrastructure like DNS and glibc to browsers, web platforms, and LLMs, and turn those findings into practical defenses, threat reports, and education so organizations can stay ahead of attackers.
githublinkedinxRemote, available worldwide
Last updated: July 17, 2026
At a glance
- 10+Years Experience
- 21CVEs Discovered
- 9+Public Speaking
- 41+Press Mentions
Areas of expertise
- Vulnerability Research
- Threat Intelligence
- LLM & GenAI Security
- Jailbreaks & Prompt Injection
- Application Security
- Data Security
- Offensive Security & CTFs
- Security Education & Public Speaking
Highlights
HashJack Research
First known indirect prompt injection technique weaponizing URL fragments to manipulate AI browser assistants. Covered by Forbes, The Register, and The Hacker News.
Apple WebKit Vulnerabilities
Two flaws in Apple WebKit (CVE-2026-28917, CVE-2026-28962): a memory-safety crash and an information disclosure issue, both fixed in Safari 26.5.
Operation Poisson
A 33-day French-speaking cybercrime operation captured command-by-command, revealing how a junior operator used Tailscale and OpenSSH to keep access after his C2 went offline. Covered by The Hacker News.
MongoDB Hall of Fame
Pre-authentication denial of service in MongoDB Server (CVE-2026-25611, High severity) and induction into the MongoDB Security Researcher Hall of Fame.
Core Infrastructure CVEs
A 2026 run of vulnerability discoveries across the internet's backbone: BIND 9, PowerDNS, Jenkins, WordPress, and Google Chrome.
CVEs discovered (21)
10 High · 8 Medium · 3 Low.
| CVE | Vendor | Severity | Summary |
|---|---|---|---|
| CVE-2026-48936 | Node.js | Low | Permission model network bypass via Unix socket. Incomplete fix for CVE-2026-21636 in the Node.js Permission Model: a local server can be started over a Unix domain socket without the --allow-net permission, bypassing the intended network restrictions. Affects Node.js 26; fixed in 26.3.1. |
| CVE-2026-55827 | FreeRDP | High | RemoteFX heap buffer overflow. Heap buffer overflow in FreeRDP where the GDI layer passes desktop surface dimensions instead of bitmap dimensions as write bounds to the RemoteFX decoder, letting a malicious RDP server write past the allocated bitmap buffer with attacker-influenced content and potentially hijack execution. Affects 2.0.0 through 2.11.7 and 3.0.0 through 3.27.0; fixed in 3.27.1. |
| CVE-2026-55564 | FreeRDP | Medium | Glyph cache out-of-bounds read. Off-by-one error in FreeRDP's glyph_cache_get() bounds check lets a malicious RDP server trigger an out-of-bounds heap read via crafted glyph fragments, dereferencing one slot past the glyph cache array and potentially causing denial of service or information disclosure. Affects versions up to 3.26.0; fixed in 3.27.0. |
| CVE-2026-28917 | Apple WebKit | Medium | Memory-safety process crash. Memory-safety issue in Apple WebKit where processing maliciously crafted web content can cause an unexpected process crash (denial of service). Fixed in Safari 26.5 on macOS Sonoma and macOS Sequoia. |
| CVE-2026-28962 | Apple WebKit | Medium | Information disclosure. Information disclosure vulnerability in Apple WebKit where processing maliciously crafted web content may reveal sensitive user information. Fixed in Safari 26.5 on macOS Sonoma and macOS Sequoia. |
| CVE-2026-5913 | Google Chrome | Low | Out-of-bounds read in Blink. Out-of-bounds read in the Blink rendering engine in Google Chrome prior to 147.0.7727.55 allows a remote attacker to perform an out-of-bounds memory read via a crafted HTML page. Affects Chrome on Windows, Linux, and macOS. |
| CVE-2026-33608 | PowerDNS | High | Backend DoS via crafted NOTIFY. Incomplete domain name sanitization during Bind autosecondary zone transfer in PowerDNS Authoritative Server allows an attacker to send a notify request causing a secondary domain to be added with invalid configuration, rendering the Bind backend inoperable after restart. Affects versions up to 5.0.3 and 4.9.13. |
| CVE-2026-33257 | PowerDNS | Medium | Webserver memory exhaustion. Insufficient input validation of the internal webserver in PowerDNS Authoritative Server and DNSdist allows an unauthenticated attacker to send crafted HTTP requests causing unlimited memory allocation and denial of service. Requires the web server feature to be enabled. Affects PowerDNS Authoritative 3.4.0–5.0.3 and DNSdist up to 2.0.3. |
| CVE-2026-42390 | PowerDNS | Medium | Recursor ZONEMD validation bypass. ZONEMD verification bypass in the PowerDNS Recursor: the digest compare loop does not re-check scheme eligibility, so a zone carrying a reserved scheme=0 ZONEMD record with the correct digest passes validation even when the eligible record's digest is wrong. Relevant when Zone-to-Cache is configured with zonemd: require. Affects Recursor 5.4.0 through 5.4.2; fixed in 5.4.3. |
| CVE-2026-42004 | PowerDNS | Low | DNSdist EDNS options smuggling. EDNS options smuggling in PowerDNS DNSdist: a crafted EDNS OPT record is ignored by DNSdist's filtering rules but rewritten as a valid OPT record when EDNS Client Subnet is inserted, so the backend receives EDNS options that DNSdist did not filter. Affects DNSdist up to 1.9.14 and 2.0.6; fixed in 1.9.15 and 2.0.7. |
| CVE-2026-3104 | ISC BIND 9 | High | Resolver memory leak DoS. Memory leak in BIND 9 resolvers triggered by specially crafted domain queries, causing denial of service through resource exhaustion. Affects BIND 9.20.0–9.20.20 and 9.21.0–9.21.19. |
| CVE-2026-3119 | ISC BIND 9 | Medium | Crash via TKEY query. Authenticated query containing a TKEY record with a valid TSIG can cause the BIND named daemon to terminate unexpectedly. Affects BIND 9.20.0–9.20.20 and 9.21.0–9.21.19. |
| CVE-2026-33001 | Jenkins | High | Arbitrary file write via symlinks. Link following vulnerability in Jenkins 2.554 and earlier, LTS 2.541.2 and earlier allows crafted .tar and .tar.gz archives to write files to arbitrary locations via symbolic links, enabling code execution by attackers with Item/Configure permission or control of agent processes. |
| CVE-2026-25611 | MongoDB | High | Pre-auth memory exhaustion DoS. Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server. A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server. |
| CVE-2025-15281 | glibc | High | Use-after-free in wordexp(). Use-After-Free vulnerability in glibc's wordexp() function when using WRDE_REUSE and WRDE_APPEND flags, allowing memory corruption and potential code execution via uninitialized memory access. |
| CVE-2026-0859 | TYPO3 | Medium | Insecure deserialization in mailer. Insecure Deserialization vulnerability in TYPO3 CMS Mailer file spool allowing local users with write access to the spool directory to inject and execute arbitrary PHP code via crafted serialized files. |
| CVE-2026-49740 | TYPO3 | Medium | Insecure deserialization in Core API. Insecure deserialization in the TYPO3 CMS Core API (ext:core) where crafted serialized data can affect downstream components. Fixed across TYPO3 13.4.31 LTS, 14.3.3 LTS, and ELTS releases. |
| CVE-2025-67849 | Moodle | High | Stored XSS in AI Course Assist. Stored Cross-Site Scripting (XSS) vulnerability in Moodle's AI Course Assist via unsanitized HTML rendering in the response template, allowing authenticated users to execute arbitrary JavaScript and steal session tokens. |
| CVE-2025-64496 | Open WebUI | High | Code injection via SSE. Code Injection vulnerability in Open WebUI via Server-Sent Events (SSE) in Direct Connections feature, allowing malicious external model servers to execute arbitrary JavaScript and steal authentication tokens. |
| CVE-2025-52670 | Revive Adserver | High | Authorization bypass (IDOR). Authorization Bypass (IDOR) vulnerability in Revive Adserver allowing authenticated users to delete banners owned by other accounts via improper ownership validation. |
| CVE-2025-52668 | Revive Adserver | High | Stored XSS. Stored Cross-Site Scripting (XSS) vulnerability in Revive Adserver's statistics-conversions.php script via tracker or campaign names, enabling session hijacking and information disclosure. |
Awards & recognition (6)
- Security Vulnerability Credit, WordPress (2026)
Credited for reporting an AJAX query-attachments authorization bypass, fixed in WordPress 6.9.2.
- Security Vulnerability Credit, ISC (BIND9) (2026)
Credited for reporting a NULL pointer dereference crash in BIND9's QP-trie cache, fixed in BIND 9.21.19.
- Security Advisory Credit, Jenkins (2026)
Credited for independent discovery of a link following vulnerability in Jenkins, reported through the Jenkins Bug Bounty Program sponsored by the European Commission.
- Security Researcher Hall of Fame, MongoDB (2026)
Recognized for responsibly disclosing a security vulnerability in MongoDB products.
- AI Safety - Immersive world jailbreak, Microsoft (2025)
Awarded for discovering the 'Immersive world' jailbreak in Microsoft's copilot.
- AI Security - Edge browser prompt injection, Microsoft (2025)
Indirect prompt injection vulnerability found in Microsoft's edge browser.
Research (21)
Cato CTRL Threat Research: Operation Poisson - Analyzing a Cybercriminal's Entire Operation
Cato Networks Blog · 2026-06-16
Post-incident analysis of Operation Poisson, a 33-day campaign by a junior French-speaking threat actor against four individuals and a French automotive business. Captured command-by-command after the operator left SSH keys and a playbook in an open bucket, it shows how free-tier Havoc C2, a Python keylogger, and Tailscale plus OpenSSH built persistence that survived the C2 going offline.
Cato CTRL Threat Research: New MongoDB Vulnerability Allows Instant Remote Server Takedown (CVE-2026-25611)
Cato Networks Blog · 2026-03-04
Discovery of CVE-2026-25611 (CVSS 7.5), an unauthenticated denial-of-service flaw in MongoDB 3.4 and later with compression enabled, where crafted compressed packets force excessive memory allocation before validation and crash the server.
Cato CTRL Threat Research: When OpenClaw, Your AI Personal Assistant, Becomes the Backdoor
Cato Networks Blog · 2026-02-25
Investigation of a dark-web listing selling root-shell access to a CEO's computer bundled with their OpenClaw AI assistant for $25,000, showing how an agentic assistant accumulates databases, API keys, and financial data that turn it into a high-value backdoor.
Cato CTRL Threat Research: Stuck in the Past – How Hackers Exploit Years-Old CVEs for Cryptojacking
Cato Networks Blog · 2025
Your analysis of cryptojacking campaigns abusing old CVEs, with remediation guidance for Cato customers.
Cato CTRL Threat Research: Uncovering Nytheon AI – A New Platform of Uncensored LLMs
Cato Networks Blog · 2025
Your investigation into Nytheon AI, a Tor-hosted platform bundling uncensored LLMs for malicious use.
Cato CTRL Threat Research: WormGPT Variants Powered by Grok and Mixtral
Cato Networks Blog · 2025
Your blog exposing WormGPT clones that wrap xAI's Grok and Mistral's Mixtral behind uncensored system prompts.
Cato CTRL Threat Actor Profile: IntelBroker
Cato Networks Blog · 2025
Your threat actor profile detailing IntelBroker's real identity, tooling, and data-broker operations.
Cato CTRL Threat Research: Analyzing LAMEHUG – First Known LLM-Powered Malware with Links to APT28 (Fancy Bear)
Cato Networks Blog · 2025
Your deep dive into LAMEHUG, an APT28 malware family integrating LLM APIs via stolen Hugging Face tokens.
2025 Cato CTRL Threat Report – The Rise of the Zero-Knowledge Threat Actor
Cato Networks · 2025
Flagship threat report where you introduce the Immersive World jailbreak and zero-knowledge threat actor concept.
The Rise of the Zero-Knowledge Threat Actor
Cato Networks News · 2025
News article announcing your Immersive World jailbreak and quoting you as a threat intelligence researcher at Cato Networks.
Cato CTRL Threat Research: HashJack - First Known Indirect Prompt Injection Against AI Browser Assistants
Cato Networks Blog · 2025-11-25
Novel indirect prompt injection technique that weaponizes URL fragments to manipulate AI browser assistants like Copilot, Gemini, and Comet.
Cato CTRL Issues New SASE Threat Report
Cato Networks Blog · 2024
Coauthored post (Etay Maor, Vitaly Simonovich) introducing the Cato CTRL SASE threat report series.
Highlights from Q2 2024 Cato CTRL SASE Threat Report
Cato Networks Blog · 2024
Threat report highlights coauthored by Etay Maor and Vitaly Simonovich, covering Cato CTRL findings over billions of flows.
Highlights from Q3 2024 Cato CTRL SASE Threat Report
Cato Networks Blog · 2024
Q3 SASE threat trends, coauthored by Etay Maor and Vitaly Simonovich, based on Cato CTRL analysis of 1.46T network flows.
Log4Shell log4j Remote Code Execution – The COVID of the Internet
Imperva Blog · 2022
Coauthored blog (Vitaly, Daniel, Nathan) analyzing the Log4Shell vulnerability and 102M+ blocked exploit attempts.
Never Leave Your Cloud Database Publicly Accessible
Imperva Blog · 2020
Coauthored research (Vitaly Simonovich, Sarit Yerushalmi) on exposed cloud databases and attack patterns.
Bug hunting for a quick buck using WebLogic vulnerability (CVE-2020–14882)
Imperva Blog · 2020-11
Your analysis of real-world exploitation of Oracle WebLogic CVE-2020-14882 by both attackers and bug hunters.
Remote File Inclusion (RFI) – Detecting the Undetectable
Imperva Blog · 2020-03
Your research article on detecting large-scale RFI attacks using Imperva data and custom detectors.
Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS)
Imperva Blog · 2019-07
Your case study of Imperva's largest recorded Layer-7 DDoS attack and how it was mitigated.
The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack
Imperva Blog · 2019-04
Coauthored blog (Vitaly Simonovich, Dima Bekerman) showing how HTML5 ping was weaponized for large-scale browser-based DDoS.
Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners
Imperva Blog · 2019-03
Your research into thousands of exposed Docker daemons abused for cryptomining and other misuse.
Speaking (11)
HashJack: Exploiting URL Fragments to Hijack AI Browser Assistants
Ekoparty Security Conference · 2026-05-22 · Miami, FL, USA
An indirect prompt injection technique that hides malicious instructions in URL fragments to hijack AI browser assistants, with real attack scenarios and defensive guidance.
Agentic Security: Past, Present, and Future
SASEfy 2026 · 2026-05 · Virtual
A panel on the past, present, and future of agentic AI security, presented with Cato CTRL's Etay Maor and Microsoft security architects Abhilasha Bhargav-Spantzel and Pushkar Saraf.
The Anatomy of Criminal Failure: Analyzing OpSec Flaws in Major Takedowns
RSA Conference 2026 · 2026-03-23 · San Francisco, CA, USA
An in-depth analysis of operational security failures that led to the takedown of major cybercriminal operations, examining the mistakes that ultimately exposed threat actors to law enforcement.
Vibe Hunting: Turning AI Coding Agents into Autonomous Vulnerability Researchers
RootedCON Madrid 2026 · 2026-03 · Madrid, Spain
How AI coding agents can be turned into autonomous vulnerability researchers, exploring the offensive potential of vibe-driven AI workflows for security research.
The Dark Side Of LLMs
BSidesTLV AI Hacking Village · 2025-12-11 · Tel Aviv, Israel
An exploration of the security implications and potential threats posed by Large Language Models, examining attack vectors, vulnerabilities, and defensive strategies in the evolving AI landscape.
The Dark Mirror of LLMs
APAC Partner Summit · 2025-09-15 · Bangkok, Thailand
Presentation exploring the darker applications of Large Language Models, examining how AI can be weaponized by adversaries and what organizations need to know to protect themselves.
The Black Mirror of LLMs: How AI Powers the Adversary
HackAPrompt Webinar · 2025-07-28
Online session examining how adversaries leverage AI and Large Language Models to enhance their attack capabilities, with real-world examples and defensive strategies.
2025 Cato CTRL™ Threat Report
Cato Networks APJ Customer & Partner Event · 2025-05-20 · Tokyo, Japan
Presentation of the 2025 Cato CTRL Threat Report to customers and partners across the APJ region, covering the latest threat intelligence and security trends.
From Assistants to Adversaries: The LLM Threat Landscape
Qubit 2025 Conference · 2025-05-15 · Prague, Czech Republic
A deep dive into how Large Language Models are transforming the threat landscape, from AI-powered assistants to potential adversarial tools, and what security professionals need to know.
Skyfall - Threats in the Cloud
Cato Networks x Porsche Event · 2024-11-15 · Stuttgart, Germany
Exclusive presentation at the Porsche Museum covering cloud security threats and vulnerabilities, exploring how organizations can protect their cloud infrastructure.
Warning! Botnet Is In Your House…
Botconf 2022 · 2022-04-26 · Nantes, France
Research presentation on IoT botnets targeting home devices, examining infection vectors, command and control infrastructure, and the growing threat to consumer networks.
Writing (12)
- glibc wordexp() Memory Initialization Flaw - CVE-2025-15281 — BreachLogic · 2026-01-20
- Threat Actors Don't Care About Your Fucking Scope — LinkedIn · 2025-12-25
- Guilty as Charged: How I Contributed to CVE Slop — LinkedIn · 2025-12-18
- Jailbreaking the Supply Chain: Why Your AI Scanner Thinks Malware is Safe — LinkedIn · 2025-12-04
- HashJack: Why This AI Browser Attack Is Unlike Anything We've Seen in 2025 — LinkedIn · 2025-11-27
- IDOR in Banner Deletion: When Parent Validation Isn't Enough — BreachLogic · 2025-10
- TryHackMe: Capture! — Medium (@vitalysimx) · 2023
- AI-Powered Trainer: Revolutionizing Cybersecurity Training — Medium (@vitalysimx) · 2023
- The Future of AI Security · 2023-12-01
- Unveiling Out-Of-Band Vulnerabilities: Using NameCheap and Interactsh for Your Server Setup — Medium (@vitalysimx) · 2023-06-28
- Leveraging AI in CTF Challenges: Where to Draw the Line — Medium (@vitalysimx) · 2023-06-08
- Revealed: the criminal ecosystem behind a DDoS attack — LinkedIn · 2016
Press coverage (65)
2026
- 2026-06-18 · BankInfoSecurity: Breach Roundup: ShinyHunters Leaks 26M MSG Records
- 2026-06-18 · CyberExperts: Cato Networks analyse une cyberattaque en France capable de survivre à la disparition de son serveur C2
- 2026-06-18 · Actu DSI: Cato Networks révèle comment une attaque 'amateur' peut piéger une PME pendant des semaines
- 2026-06-18 · Telco Infra News: Cato Networks alerte sur l'usage détourné des VPN maillés dans les cyberattaques
- 2026-06-18 · CyberVeille: Operation Poisson : analyse complète d'une opération cybercriminelle francophone sur 33 jours
- 2026-06-17 · SC Media: Attacker establishes persistent access to French business using OpenSSH and Tailscale
- 2026-06-17 · SOC Prime: Opération Poisson révèle une chaîne de vol de données d'identification résiliente
- 2026-06-16 · The Hacker News: Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
- 2026-06-16 · IBM X-Force Exchange: Operation Poisson: Analyzing a Cybercriminal's Entire Operation
- 2026-05-31 · Cloud Security Alliance: ChatGPhish: When the AI Assistant Becomes the Phishing Vector
- 2026-05-14 · MacTrast: Safari 26.5 Fixes Numerous WebKit Security Holes
- 2026-05-13 · 9to5Mac: Safari 26.5 fixes WebKit bugs that could crash Safari or expose user data
- 2026-03-31 · VentureBeat: OpenClaw has 500,000 instances and no enterprise kill switch
- 2026-03-30 · VentureBeat: RSAC 2026: Agent identity frameworks and three gaps all of them miss
- 2026-03-25 · Ubuntu Security: USN-8124-1: Bind vulnerabilities
- 2026-03-07 · InfoQ China: OpenClaw 安全危机:Cato CTRL 揭示 AI 助手如何沦为后门
- 2026-03-05 · GBHackers: New MongoDB Vulnerability Allows Attackers to Crash Servers, Exposing Critical Data
- 2026-03-05 · CyberPress: New MongoDB Vulnerability Allows Attackers to Crash Any Server
- 2026-03-05 · TechBooky: MongoDB Vulnerability Lets Attackers Crash Servers Remotely
- 2026-03-05 · CybersecurityNews: New MongoDB Vulnerability Lets Hackers Crash Any MongoDB Server
- 2026-03-03 · Unit 42 (Palo Alto Networks): Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild
2025
- 2025-12-07 · SlashGear: AI Browsers Face A New Kind Of Attack, And It Puts Your Privacy At Risk
- 2025-12-05 · F5 Labs: HashJack Attack Targets AI Browsers and Agentic AI Systems
- 2025-12-05 · The Hacker News: Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails
- 2025-12-02 · IT Brew: 'HashJack' demo hides malicious instructions in URL
- 2025-11-29 · Hackread: HashJack Attack Uses URL '#' to Control AI Browser Behavior
- 2025-11-29 · SecurityWeek: In Other News: HashJack AI Browser Attack, Charming Kitten Leak, Hacker Unmasked
- 2025-11-28 · TechRadar: AI browsers can be hacked with a simple hashtag, experts warn
- 2025-11-26 · Infosecurity Magazine: HashJack Indirect Prompt Injection Weaponizes Websites
- 2025-11-26 · Help Net Security: New 'HashJack' Attack Can Hijack AI Browsers and Assistants
- 2025-11-26 · CybersecurityNews: HashJack: New Attack Technique Tricks AI Browsers Using a Simple '#'
- 2025-11-26 · GBHackers: HashJack: A Novel Exploit Leveraging URL Fragments To Deceive AI Browsers
- 2025-11-26 · Israel Hayom: Israeli tech firm finds AI vulnerability – Gemini susceptible
- 2025-11-26 · Forbes: Password-Stealing AI HashJack Threat To Web Browsers Confirmed
- 2025-11-26 · SC World: AI browser assistants vulnerable to HashJack prompt injection technique
- 2025-11-26 · CyberPress: HashJack: A New Attack That Fools AI Browsers With a Simple '#'
- 2025-11-26 · Xakep.ru: ИИ-браузеры можно обмануть с помощью символа «#»
- 2025-11-26 · SecurityLab.ru: HashJack: новая атака через символ # обманывает ИИ-браузеры
- 2025-11-25 · SiliconANGLE: New 'HashJack' technique lets attackers manipulate AI assistants in Comet, Copilot and Gemini
- 2025-11-25 · The Register: HashJack attack shows AI browsers can be fooled with a simple '#'
- 2025-09-16 · ISOEH: Vibe Hacking: When AI Turns Beginners into Cybercriminals
- 2025-08-19 · The Economist: How AI-powered hackers are stealing billions
- 2025-08-13 · VentureBeat: The end of perimeter defense: When your own AI tools become the threat actor
- 2025-08-03 · Resilience Media: Ukraine warns of AI-powered malware targeting the defence sector
- 2025-06-23 · The Record: Researchers say cybercriminals are using jailbroken AI tools from Mistral and xAI
- 2025-06-18 · CSO Online: WormGPT returns: New malicious AI variants built on Grok and Mixtral uncovered
- 2025-06-17 · CyberScoop: Researchers say AI hacking tools sold online were powered by Grok, Mixtral
- 2025-04-08 · 63sats: When Fiction Becomes a Cyber Weapon: How AI Was Tricked into Writing Malware
- 2025-04-03 · GreaterFool.ca: Into the storm
- 2025-03-27 · Security MEA: Cato Networks Discovers New LLM Jailbreak Technique
- 2025-03-26 · ControlF5 Software: AI Chatbots: The New Target For Zero-Knowledge Hackers
- 2025-03-22 · Business Insider: How do you get ChatGPT to create malware strong enough to breach Google's password manager? Just play pretend.
- 2025-03-21 · Forbes: Google Chrome Passwords Alert: Beware The Rise Of The AI Infostealers
- 2025-03-18 · PR Newswire: The Rise of the Zero-Knowledge Threat Actor: New LLM Jailbreak Technique Discovered by Cato Networks Enables Easy Creation of Password-Stealing Malware
- 2025-03-18 · Infosecurity Magazine: Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers
- 2025-03-18 · TechNewsWorld: AI Chatbots Can Be Easy Prey for 'Zero-Knowledge' Hackers
2022
- 2022-04-28 · Botconf 2022: Warning! Botnet is in your house...
2019
- 2019-07-26 · BankInfoSecurity: Massive Botnet Attack Used More Than 400000 IoT Devices
- 2019-07-24 · Dark Reading: Mirai-Like Botnet Wages Massive Application-Layer DDoS Attack
- 2019-04-16 · IsraelDefense: Imperva Discovers New DDoS Attack that Abuses HTML5 Ping-Based Hyperlink Auditing Feature
- 2019-04-15 · SecurityWeek: Large-scale DDoS Attack Abuses HTML's Hyperlink Audit Ping Facility
- 2019-04-11 · eWEEK: How HTML5 Ping Is Used in DDoS Attacks
- 2019-03-06 · SDxCentral: Imperva Researchers Find Hundreds of Vulnerable Docker Hosts Exploited by Cryptominers
- 2019-03-05 · SC Media: Docker API vulnerability allows hackers to mine Monero
- 2019-03-04 · BleepingComputer: Vulnerable Docker Hosts Actively Abused in Cryptojacking Campaigns