Eresus Security Research Feed

Eresus Security Research Feed https://www.eresussec.com Research, advisories, and offensive security writing from Eresus Security. en-us Fri, 03 Apr 2026 18:32:03 GMT <![CDATA[What is a Vector Database? Its Role in AI and LLM Security]]> https://www.eresussec.com/blog/what-is-vector-database-ai-security_en https://www.eresussec.com/blog/what-is-vector-database-ai-security_en Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Vektör Veritabanları (Vector Database) Nedir? AI ve LLM Güvenliğindeki Yeri]]> https://www.eresussec.com/blog/what-is-vector-database-ai-security https://www.eresussec.com/blog/what-is-vector-database-ai-security Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Structuring and Securing AI Microservices in Python (FastAPI)]]> https://www.eresussec.com/blog/structuring-fastapi-ai-microservices_en https://www.eresussec.com/blog/structuring-fastapi-ai-microservices_en Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Python ile AI Mikroservis Mimarisini Kurmak ve Güvenliğini Sağlamak (FastAPI)]]> https://www.eresussec.com/blog/structuring-fastapi-ai-microservices https://www.eresussec.com/blog/structuring-fastapi-ai-microservices Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Why Should We Use Rust for AI-Powered Backend Systems?]]> https://www.eresussec.com/blog/rust-language-ai-backend-security_en https://www.eresussec.com/blog/rust-language-ai-backend-security_en Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Yapay Zeka Destekli Backend Sistemlerinde Neden Rust Kullanmalıyız?]]> https://www.eresussec.com/blog/rust-language-ai-backend-security https://www.eresussec.com/blog/rust-language-ai-backend-security Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Cloud Security: AWS IAM Flaws and One-Click Privilege Escalation]]> https://www.eresussec.com/blog/aws-iam-misconfigurations-privilege-escalation_en https://www.eresussec.com/blog/aws-iam-misconfigurations-privilege-escalation_en Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Bulut Güvenliği: AWS IAM Hataları ve Tek Tıkla Privilege Escalation (Yetki Yükseltme)]]> https://www.eresussec.com/blog/aws-iam-misconfigurations-privilege-escalation https://www.eresussec.com/blog/aws-iam-misconfigurations-privilege-escalation Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Authentication in AI Applications: LLM Sessions and Data Privacy]]> https://www.eresussec.com/blog/ai-apps-authentication-session-management_en https://www.eresussec.com/blog/ai-apps-authentication-session-management_en Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Yapay Zeka Uygulamalarında Kimlik Doğrulama: LLM Oturumları (Session) ve Veri Gizliliği]]> https://www.eresussec.com/blog/ai-apps-authentication-session-management https://www.eresussec.com/blog/ai-apps-authentication-session-management Thu, 02 Apr 2026 00:00:00 GMT <![CDATA[Python'un En Saf Bug'ı: Makine Öğrenimi Modellerinde (.pkl) Uzaktan Kod Çalıştırma (RCE) Zafiyeti]]> https://www.eresussec.com/blog/pickle-rce-zafiyeti-makine-ogrenimi https://www.eresussec.com/blog/pickle-rce-zafiyeti-makine-ogrenimi Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[The Simplest Bug is the Deadliest: Remote Code Execution (RCE) via Pickle in Machine Learning]]> https://www.eresussec.com/blog/pickle-rce-vulnerability-machine-learning https://www.eresussec.com/blog/pickle-rce-vulnerability-machine-learning Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[New Perseus Android Banking Malware Monitors Notes Apps for Sensitive Data]]> https://www.eresussec.com/blog/perseus-android-banking-malware-accessibility https://www.eresussec.com/blog/perseus-android-banking-malware-accessibility Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[Android 'Perseus' Bankacılık Malware'i Not Uygulamalarına Sızıyor]]> https://www.eresussec.com/blog/perseus-android-bankacilik-zararlisi-erisebilirlik https://www.eresussec.com/blog/perseus-android-bankacilik-zararlisi-erisebilirlik Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[Otomatik Zafiyet Taraması vs. Manuel Sızma Testi: Hangisi Gereklidir?]]> https://www.eresussec.com/blog/otomatik-vs-manuel-pentest https://www.eresussec.com/blog/otomatik-vs-manuel-pentest Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[Göz Ardı Edilen Tehdit Yüzeyi: Yapay Zeka (AI) Model Dosyalarında Gizlenen Sıfırıncı Gün (0-Day) Zafiyetleri]]> https://www.eresussec.com/blog/mfv-yapay-zeka-model-dosyasi-0day-zafiyetleri https://www.eresussec.com/blog/mfv-yapay-zeka-model-dosyasi-0day-zafiyetleri Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[The Overlooked Attack Surface: Hunting 0-Days in AI Model Files]]> https://www.eresussec.com/blog/mfv-ai-model-file-0day-vulnerabilities https://www.eresussec.com/blog/mfv-ai-model-file-0day-vulnerabilities Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[Artificial Intelligence (LLM) Manipulations: Prompt Injection and RAG Poisoning]]> https://www.eresussec.com/blog/llm-prompt-injection-rag-poisoning-ai-security_en https://www.eresussec.com/blog/llm-prompt-injection-rag-poisoning-ai-security_en Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[Yapay Zeka (LLM) Manipülasyonları: Prompt Injection ve RAG Zehirlenmesi]]> https://www.eresussec.com/blog/llm-prompt-injection-rag-poisoning-ai-security https://www.eresussec.com/blog/llm-prompt-injection-rag-poisoning-ai-security Wed, 01 Apr 2026 00:00:00 GMT <![CDATA[Critical Vulnerabilities in AI Frameworks (GGUF & MXNet): The Heap Overflow Threat]]> https://www.eresussec.com/blog/gguf-mxnet-ai-model-memory-vulnerabilities_en https://www.eresussec.com/blog/gguf-mxnet-ai-model-memory-vulnerabilities_en Wed, 01 Apr 2026 00:00:00 GMT