Eresus research, advisory, and security news
Here we collect writing, advisories, and current-event analysis on AI security, the MCP ecosystem, application security, and real attack chaining.
Latest Posts
ERESUS-ADV-2026-002: Server-Side Request Forgery (SSRF) via Cloud Metadata Endpoints
Analysis of widespread SSRF vulnerabilities in cloud environments (AWS, GCP, Azure) exposing critical metadata endpoints and credentials.
Critical RCE Vulnerability in Legacy Enterprise Gateway
Critical Remote Code Execution (RCE) vulnerability in a legacy enterprise API gateway allowing unauthenticated root access.
Hacking Humans: Social Engineering and the Psychology
Social engineering engagements are the most exciting and heart-pumping. It doesn’t begin at the badge reader or the front desk. The access occurs when someone makes a decision.
Automated Red Teaming Scans of Agentic Workflows Using Eresus Sentinel
We are thrilled to announce the integration of Eresus Sentinel with Enterprise Agents, a groundbreaking step in securing LLM application deployments.
Strengthening AI Security with Eresus Security Defense Services
As organizations rapidly adopt generative AI, they face a new frontier of security challenges that traditional testing approaches simply cannot address.
Llama 4 Series Vulnerability Assessment: Scout vs. Maverick
Meta has launched the Llama 4 family, featuring models built on a mixture-of-experts (MoE) architecture. Here is our vulnerability assessment.
AI Risk Report: Fast-Growing Threats in AI Runtime
A comprehensive look into the fast-growing vulnerabilities affecting AI systems in runtime environments, featuring Eresus Sentinel.
The Cost of Being Wordy: Detecting Resource-Draining Prompts
The breakthrough of LLMs has captivated the NLP world, but resource-draining prompts can cause Denial of Wallet (DoW) attacks in cloud models.
Tools and Technologies for Secure by Design AI Systems
Examining the specialized tools and technologies needed to secure non-deterministic, probabilistic AI systems effectively.