Anatomy of Phishing Attacks
A deep technical walkthrough of how modern phishing attacks actually succeed in the real world. This article breaks down phishing as a system-level failure rather than a user mistake, showing how attackers exploit legitimate authentication flows to capture and replay credentials, session cookies, and access tokens. It examines the full phishing kill chain—from lure engineering and adversary-in-the-middle infrastructure to token theft, session replay, and post-authentication expansion—illustrating why MFA alone is no longer sufficient. By translating phishing into concrete identity, protocol, and session mechanics, the article provides security leaders with a clearer mental model for designing defenses that prevent credential theft, session hijacking, and token replay by design, not detection alone.
Manipulating Factuality in LLMs
An exploration of how factual knowledge in large language models can be modified using Rank-One Model Editing (ROME). The article demonstrates how pairwise associations can be altered to change specific facts in generated responses, highlighting both corrective and adversarial use cases.
Reconstructing Biometric Data
Exploring how attackers can reverse-engineer biometric templates to reconstruct original data. The article examines template inversion attacks and discusses the privacy and security risks associated with improperly protected biometric systems.
Golden SAML: Bypassing SSO
Understanding how Golden SAML attacks forge authentication assertions to bypass identity providers. The article explains how compromised signing certificates enable attackers to mint legitimate authentication tokens that enable access across federated resources.
AI Agent Tool Poisoning
As AI agents gain autonomy through tool and API integrations, the toolchain itself becomes an attack surface. This research analyzes how “poisoned” tools can influence agent decision-making and execution, resulting in unintended actions, lateral movement, or security breaches.