Information Security

Showing 100 articles max
AI Engineer Programming
AI Engineer Programming
Jul 1, 2026 · Information Security

Jailbreak Attacks and Prompt Injection: Intent Patterns, Detection, and Multi‑Layer Defense for LLMs

The article analyzes LLM jailbreak and prompt‑injection techniques—detailing five intent construction patterns, detection principles that prioritize intent over keywords, and a multi‑layered defense architecture spanning input normalization, intent analysis, generation control, and output review—to guide robust AI security.

AI safetyLLM securityPrompt Injection
0 likes · 12 min read
Jailbreak Attacks and Prompt Injection: Intent Patterns, Detection, and Multi‑Layer Defense for LLMs
Black & White Path
Black & White Path
Jun 30, 2026 · Information Security

Batch SRC Mining with Serein: A Complete Setup and Usage Guide

This article walks through installing the Serein tool, configuring FOFA API keys, collecting target URLs, running nday vulnerability checks, adding custom POCs, and filtering results with domain and weight lookups to automate large‑scale SRC exploitation.

FOFAPython GUISRC mining
0 likes · 7 min read
Batch SRC Mining with Serein: A Complete Setup and Usage Guide
Black & White Path
Black & White Path
Jun 30, 2026 · Information Security

How a Misconfigured KNX System Lets Hackers Disrupt an Entire Building

The article examines the KNX building‑automation protocol, explains its telegram structure, and demonstrates how a poorly configured KNX network—especially via IP routers—can be exploited from a single smart switch to launch DoS, replay, and memory‑read/write attacks that compromise entire skyscraper systems.

Building AutomationDoS attackIP Router
0 likes · 12 min read
How a Misconfigured KNX System Lets Hackers Disrupt an Entire Building
21CTO
21CTO
Jun 29, 2026 · Information Security

GLM 5.2 Beats Claude in IDOR Security Benchmark with 39% F1

Semgrep’s benchmark shows that the open‑source GLM 5.2 model, using only a unified prompt and a lightweight Pydantic AI scheduler, achieves a 39% F1 score on IDOR vulnerability detection—outperforming Claude Code’s best 37.4% while costing only about $0.17 per discovered flaw.

AI securityClaudeF1 score
0 likes · 13 min read
GLM 5.2 Beats Claude in IDOR Security Benchmark with 39% F1
Black & White Path
Black & White Path
Jun 29, 2026 · Information Security

One-Click Telegram Username Checker for Bulk Availability and Monitoring

The open‑source Telegram Username Availability Checker, built with Telethon, lets security researchers and OSINT analysts quickly verify whether channel or user names are free, taken, or invalid, supporting bulk input, watch‑mode monitoring, suggested alternatives, and safe handling of credentials and metadata.

OSINTPythonTelegram
0 likes · 6 min read
One-Click Telegram Username Checker for Bulk Availability and Monitoring
TechVision Expert Circle
TechVision Expert Circle
Jun 28, 2026 · Information Security

When AI Fixes Bugs, It Can Also Launch Attacks—Enterprise Security Perimeters Vanish

Since mid‑2025 large language models have progressed from assisting code reviews to automatically scanning repositories, generating patches, and, with altered prompts, automating vulnerability discovery, exploit chaining, and tailored phishing, forcing enterprises to rethink traditional security perimeters and adopt layered AI governance frameworks.

AI governanceAI securityLarge Language Models
0 likes · 14 min read
When AI Fixes Bugs, It Can Also Launch Attacks—Enterprise Security Perimeters Vanish
Black & White Path
Black & White Path
Jun 28, 2026 · Information Security

Why the FBI Spent a Year Failing to Crack a Banker’s TrueCrypt Drive

The FBI spent twelve months trying to break the TrueCrypt‑encrypted hard drive of Brazilian banker Daniel Dantas, ultimately failed, and the case reveals how strong key management, open‑source trust, and physical security are essential when defending against state‑level adversaries.

FBITrueCryptVeraCrypt
0 likes · 8 min read
Why the FBI Spent a Year Failing to Crack a Banker’s TrueCrypt Drive
Architect's Guide
Architect's Guide
Jun 27, 2026 · Information Security

A Comprehensive Guide to Front‑End and Back‑End Authentication Strategies

This article systematically explains ten common authentication approaches—from basic HTTP authentication and session‑cookie mechanisms to token, JWT, SSO, OAuth 2.0, QR‑code login, and one‑click login—detailing their principles, workflows, advantages, drawbacks, and typical usage scenarios with concrete examples and code snippets.

AuthenticationCookieJWT
0 likes · 42 min read
A Comprehensive Guide to Front‑End and Back‑End Authentication Strategies
Black & White Path
Black & White Path
Jun 27, 2026 · Information Security

Can't Find Vulnerabilities? Try Nuclei, the Lightweight Template Scanner

The article introduces Nuclei, a fast, template‑driven vulnerability scanner that outperforms heavyweight tools like OpenVAS and Nessus, explains how to install it on Kali, update templates, run single‑target and bulk scans with various options, and demonstrates writing custom YAML templates and using its new AI‑assisted detection feature.

AI IntegrationNucleiYAML templates
0 likes · 6 min read
Can't Find Vulnerabilities? Try Nuclei, the Lightweight Template Scanner
Black & White Path
Black & White Path
Jun 27, 2026 · Information Security

Using AI to Uncover a Long‑Hidden OAuth Combo Vulnerability

The article details a step‑by‑step recreation of an OAuth client‑credential leak in a web application, showing how hidden credentials in commented JavaScript enable registration of admin accounts, and compares three AI‑driven penetration testing approaches to exploit the vulnerability.

AI penetration testingOAuthWeb Security
0 likes · 10 min read
Using AI to Uncover a Long‑Hidden OAuth Combo Vulnerability
Black & White Path
Black & White Path
Jun 27, 2026 · Information Security

Mastering the PMKID Attack: A Step‑by‑Step Guide to Wi‑Fi Penetration Testing

This article walks through the theory and practical exploitation of the Wi‑Fi PMKID attack, covering authentication basics, the WPA/WPA2 handshake, PMKID generation, and detailed step‑by‑step instructions using tools such as hcxdumptool, hashcat, aircrack‑ng, Airgeddon and bettercap to capture and crack PMKID hashes.

Aircrack-ngPMKIDWi-Fi security
0 likes · 16 min read
Mastering the PMKID Attack: A Step‑by‑Step Guide to Wi‑Fi Penetration Testing
Black & White Path
Black & White Path
Jun 27, 2026 · Information Security

What the 905 GB BreachForums CDN Leak Reveals About Hacker Infrastructure

A 905 GB BitTorrent seed of BreachForums’ CDN cache, containing raw databases, exploit tools, proof‑of‑concept media, and detailed forum metadata, was publicly released, offering an unprecedented view into the full inventory of a major underground hacker market and highlighting the risks of CDN misconfiguration.

BreachForumsCDN leakData Breach
0 likes · 6 min read
What the 905 GB BreachForums CDN Leak Reveals About Hacker Infrastructure
Java Tech Enthusiast
Java Tech Enthusiast
Jun 26, 2026 · Information Security

Why Many Devices Disable Ping and What It Actually Achieves

Disabling ping blocks ICMP Echo Reply responses, reducing exposure to network scans and ICMP flood attacks, but also hampers troubleshooting, monitoring, and cloud health checks, so the decision should consider device location, monitoring needs, and potential impact on maintenance.

CloudICMPMonitoring
0 likes · 7 min read
Why Many Devices Disable Ping and What It Actually Achieves
Cloud Architecture
Cloud Architecture
Jun 26, 2026 · Information Security

OAuth 2.0 at Billion-Scale: Unified Auth Center Architecture & Pitfall Guide

This article details how to design a unified authentication center that can handle billions of OAuth 2.0 requests, covering layered architecture, token issuance and revocation, refresh‑token rotation, gateway validation, key management, and practical pitfalls to ensure secure, high‑performance identity traffic in production.

AuthenticationHigh ScaleOAuth 2.0
0 likes · 46 min read
OAuth 2.0 at Billion-Scale: Unified Auth Center Architecture & Pitfall Guide