Eresus research, advisory, and security news
This page collects our writing, advisories, and current-event analysis on AI security, the MCP ecosystem, application security, and real-world attack chaining.
Latest Posts
AI Safety vs. AI Security
Discover the critical distinctions between AI Safety (protecting humans from AI) and AI Security (protecting AI systems from threat actors).
AI-Orchestrated Cyber Espionage: The Dawn of Autonomous APT Campaigns
Discover how Advanced Persistent Threats (APTs) weaponize Generative AI and autonomous agents to conduct highly scalable, hard-to-detect cyber espionage...
What Is AI Data Governance and Why Is It So Hard to Implement?
AI data governance is the missing link in Enterprise AI Security. Learn why traditional Data Loss Prevention (DLP) fails when applied to LLMs and how to...
How AI Coding Assistants Expose Secrets
Discover the critical AI Security risks associated with autonomous coding tools. Learn how Cursor, Copilot, and Claude can inadvertently leak your .env...
TensorFlow Custom Operator Injection (Graph Execution)
Identifies backdoors that embed custom operators (malformed computational nodes) in TensorFlow models to silently trigger execution...
TorchScript Model Arbitrary Code Execution Detected at Model Load Time
Describes how Remote Code Execution (RCE) can be triggered dynamically at load time during TorchScript model initialization...
Python Pickle Arbitrary Code Execution Detected
Discover how Python's built-in Pickle serialization module enables severe Arbitrary Code Execution (ACE) vulnerabilities within machine learning...
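As an added illustration of the pickle risk summarized above (this is example code written for this page, not Eresus Sentinel's detector or any code from the post itself): pickle is a stack machine whose GLOBAL/STACK_GLOBAL opcodes import any callable and whose REDUCE opcode calls it, so a "model" is really a program. The block below constructs two malicious pickles (the classic protocol-0 `os.system` payload and a protocol-4 payload that resolves `builtins.eval` through STACK_GLOBAL) plus a benign weights dictionary, scans each with `pickletools.genops` without ever executing it, and shows a restricted unpickler that refuses any global outside an allowlist. The opcode set in `DANGEROUS`, the `SAFE_GLOBALS` allowlist and the sample payloads are assumptions made for the demonstration.

```python
import io
import pickle
import pickletools

# Opcodes that can import code or invoke a callable during loading.
# BUILD is included because it drives __setstate__ on the unpickled object.
DANGEROUS = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ",
             "NEWOBJ", "NEWOBJ_EX", "BUILD"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "SHORT_BINSTRING", "BINSTRING"}

# Constructed sample 1: protocol-0 payload, the textbook os.system pickle.
PROTO0_MALICIOUS = b"cos\nsystem\n(S'echo pwned'\ntR."


class Exploit:
    """Constructed sample 2: __reduce__ makes pickle.dumps emit STACK_GLOBAL
    for builtins.eval followed by REDUCE. dumps() only records the call;
    it runs when an unrestricted pickle.loads() consumes the bytes."""

    def __reduce__(self):
        return (eval, ("__import__('os').getcwd()",))


PROTO4_MALICIOUS = pickle.dumps(Exploit(), protocol=4)

# Constructed sample 3: a benign weights dict built from plain containers.
BENIGN_MODEL = pickle.dumps({"layer1.weight": [0.1, -0.2], "epoch": 3},
                            protocol=4)


def scan_pickle(data: bytes):
    """Static scan: walk opcodes without executing them and report the
    position, opcode and (where recoverable) imported target."""
    findings = []
    recent_strings = []  # STACK_GLOBAL takes module and name from the stack
    for op, arg, pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            recent_strings.append(arg)
        if op.name == "GLOBAL":
            findings.append((pos, op.name, arg.replace(" ", ".")))
        elif op.name == "STACK_GLOBAL":
            findings.append((pos, op.name, ".".join(recent_strings[-2:])))
        elif op.name in DANGEROUS:
            findings.append((pos, op.name, None))
    return findings


# Assumed allowlist: only the globals a plain weights file legitimately needs.
SAFE_GLOBALS = {("builtins", "set"), ("builtins", "frozenset"),
                ("collections", "OrderedDict")}


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every global outside SAFE_GLOBALS; os.system, eval, subprocess
    and friends are rejected before any call can happen."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refused global {module}.{name}")


def safe_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_safe_to_load(data: bytes) -> bool:
    """True only if the restricted unpickler accepts every global."""
    try:
        safe_loads(data)
        return True
    except pickle.UnpicklingError:
        return False


if __name__ == "__main__":
    for label, blob in [("proto0", PROTO0_MALICIOUS),
                        ("proto4", PROTO4_MALICIOUS),
                        ("benign", BENIGN_MODEL)]:
        print(label, scan_pickle(blob), "loadable:", is_safe_to_load(blob))
```

Real model checkpoints (PyTorch, scikit-learn) legitimately reduce through classes such as numpy's array reconstructor, so in practice the allowlist must name those exact (module, name) pairs and the scanner should be run on the pickle members inside the checkpoint archive before anything is loaded; a scan that flags REDUCE alone is a triage signal, while GLOBAL targets like `os.system` or `builtins.eval` are a block.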
ONNX Model Contains Embedded File Threats
AI models can carry additional malicious binaries hidden inside the model file. Eresus Sentinel detects these backdoor packages masked within...
LiteRT FlatBuffer Metadata RCE Exploits
Identifies threats that abuse the custom metadata extension fields of LiteRT (.tflite) FlatBuffer files to force path traversal and...