Bleeding Llama: When Local Ollama Leaks Memory Over the Network
CVE-2026-7482: crafted GGUF leaks heap via quantize—prompts, keys, neighbor chats. I explain Bleeding Llama and how I lock down Ollama. 🔐
Topic: Security
From Dirty COW to Dirty Frag — Linux keeps betting on no-COW fast paths and losing. Here's why AI variant analysis changes the timeline. 🔬
OX-documented blast radius (150M+ downloads, 7K+ exposed servers, 200+ repos) and concrete defenses for MCP STDIO RCE — with cited sources.
LiteLLM's API key verification had a pre-auth SQLi (CVSS 9.3). Six critical vulns in one month. Your AI proxy is now a high-value target.
MCP security fundamentally differs from traditional application security. With 30 CVEs filed in 60 days, organizations need a new security model. Learn how to protect agent deployments using OWASP MCP Top 10 and Microsoft's Agent Governance Toolkit.
A new npm worm doesn't just steal your keys; it turns your own code into a weapon. A deep dive into the CanisterWorm's anatomy, from postinstall hooks to its unkillable blockchain C2.
271 vulnerabilities fixed. The team has worked around the clock since February. This is the story of how defenders finally caught a glimpse of victory against the attacker advantage.
On April 19 Vercel disclosed a breach. The attacker walked in through a third-party AI tool's OAuth app — and your stack probably trusts ten of those.
Model Context Protocol just handed AI agents the keys to your infrastructure. Here's why tool poisoning and preference manipulation are more dangerous than prompt injection—and what you can actually do about it. 🔓