A CS student's experience using a Flipper Zero and AI to reverse-engineer an NFC laundry card, and some thoughts on what it means for systems like these.

Betterleaks is a new open source secrets scanner from the creator of Gitleaks. A drop-in replacement with faster scans, token efficiency detection, configurable validation, and more.

GlassWorm V2 Analysis . GitHub Gist: instantly share code, notes, and snippets.

Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers

13th March 2026 As part of MDSec’s R&D work, we often discover vulnerabilities and develop exploits to support our red team engagements. When researching widely used software, it is often...

Open source Cartography now discovers AI agents in container images and connects them to IAM roles, tools, and network exposure in the infrastructure graph.

A few days ago, I published a blog analyzing a phishing campaign abusing Google Cloud infrastructure: While continuing to monitor the infrastructure used in that campaign, I discovered several addi…

A systematic audit of Algolia DocSearch found 39 admin API keys exposed across projects like Home Assistant, KEDA, and vcluster.

Discover Qortal, the gateway to Web3 innovation. Explore our easy-to-use platform for seamless access to decentralized applications.

Break your AI agents before someone else does. Security scanning for system prompts, MCP servers, and AI coding agents.

Offload time-intensive work and accelerate security operations with an AI analyst for the CrowdStrike® Falcon platform.

We audited 30 AI agent projects. 93% use unscoped API keys with no per-agent identity, no consent, and no revocation.

An article about malicious repositories on GitHub

Perfex CRM passed the autologin cookie into unserialize() without validation, giving unauthenticated attackers remote code execution.

One of the core philosophies we implement at Guardz is the deep integration of security and intelligence teams with our proprietary AI capabilities. This