Eresus Security Research Feed

Eresus Security Research Feed https://www.eresussec.com Research, advisories, and offensive security writing from Eresus Security. en-us Wed, 20 May 2026 22:23:25 GMT <![CDATA[Linux Kernel LPE 2026: Copy Fail, Dirty Frag, and Fragnesia Compared]]> https://www.eresussec.com/en/blog/linux-kernel-lpe-2026-copy-fail-dirty-frag-fragnesia https://www.eresussec.com/en/blog/linux-kernel-lpe-2026-copy-fail-dirty-frag-fragnesia Sun, 17 May 2026 00:00:00 GMT <![CDATA[JavaScript Obfuscation Reverse Engineering: A Practical Deobfuscation Playbook]]> https://www.eresussec.com/en/blog/javascript-obfuscation-reverse-engineering-deobfuscation https://www.eresussec.com/en/blog/javascript-obfuscation-reverse-engineering-deobfuscation Sun, 17 May 2026 00:00:00 GMT <![CDATA[Fragnesia CVE-2026-46300: Linux Kernel XFRM ESP-in-TCP Local Privilege Escalation]]> https://www.eresussec.com/en/blog/fragnesia-cve-2026-46300-linux-kernel-xfrm-esp-privilege-escalation https://www.eresussec.com/en/blog/fragnesia-cve-2026-46300-linux-kernel-xfrm-esp-privilege-escalation Sun, 17 May 2026 00:00:00 GMT <![CDATA[Dirty Frag CVE-2026-43284: Linux Kernel Local Privilege Escalation via ESP and RxRPC]]> https://www.eresussec.com/en/blog/dirty-frag-cve-2026-43284-linux-kernel-privilege-escalation https://www.eresussec.com/en/blog/dirty-frag-cve-2026-43284-linux-kernel-privilege-escalation Sun, 17 May 2026 00:00:00 GMT <![CDATA[AI Chatbot Web Application Pentesting: Attack Surface Beyond Prompt Injection]]> https://www.eresussec.com/en/blog/ai-chatbot-web-application-pentest-methodology https://www.eresussec.com/en/blog/ai-chatbot-web-application-pentest-methodology Sun, 17 May 2026 00:00:00 GMT <![CDATA[CVE-2026-7482: Ollama GGUF Heap Out-of-Bounds Read — Full Technical Analysis]]> https://www.eresussec.com/en/blog/ollama-cve-2026-7482-heap-oob-gguf-vulnerability https://www.eresussec.com/en/blog/ollama-cve-2026-7482-heap-oob-gguf-vulnerability Mon, 04 May 2026 00:00:00 GMT <![CDATA[CVE-2026-41940: Emergency Action Plan for cPanel & WHM Authentication Bypass]]> https://www.eresussec.com/en/blog/cpanel-whm-cve-2026-41940-authentication-bypass-action-plan https://www.eresussec.com/en/blog/cpanel-whm-cve-2026-41940-authentication-bypass-action-plan Fri, 01 May 2026 00:00:00 GMT <![CDATA[Copy Fail CVE-2026-31431: Linux Kernel Local Privilege Escalation]]> https://www.eresussec.com/en/blog/copy-fail-cve-2026-31431-linux-kernel-privilege-escalation https://www.eresussec.com/en/blog/copy-fail-cve-2026-31431-linux-kernel-privilege-escalation Fri, 01 May 2026 00:00:00 GMT <![CDATA[What Is AWS IAM in Cloud Security?]]> https://www.eresussec.com/en/blog/aws-iam-first-line-of-defense-cloud-security https://www.eresussec.com/en/blog/aws-iam-first-line-of-defense-cloud-security Fri, 24 Apr 2026 00:00:00 GMT <![CDATA[Vercel, Context.ai, and AI SaaS Security]]> https://www.eresussec.com/en/blog/vercel-context-ai-security-incident-analysis https://www.eresussec.com/en/blog/vercel-context-ai-security-incident-analysis Wed, 22 Apr 2026 00:00:00 GMT <![CDATA[The April 2026 MCP RCE Wave]]> https://www.eresussec.com/en/blog/mcp-rce-architecture-wave-april-2026 https://www.eresussec.com/en/blog/mcp-rce-architecture-wave-april-2026 Wed, 22 Apr 2026 00:00:00 GMT <![CDATA[AI Agent Traps: Web Attacks Against Agents]]> https://www.eresussec.com/en/blog/ai-agent-traps-web-attacks-analysis https://www.eresussec.com/en/blog/ai-agent-traps-web-attacks-analysis Wed, 22 Apr 2026 00:00:00 GMT <![CDATA[Building a Zero Trust Architecture for Enterprise AI and LLM Deployment]]> https://www.eresussec.com/en/blog/zero-trust-architecture-for-ai-models https://www.eresussec.com/en/blog/zero-trust-architecture-for-ai-models Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[What is AI Security? A Complete Enterprise Blueprint for Securing Machine Learning Ecosystems]]> https://www.eresussec.com/en/blog/what-is-ai-security https://www.eresussec.com/en/blog/what-is-ai-security Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[OWASP Top 10 for LLMs: The Definitive Guide to AI Vulnerabilities]]> https://www.eresussec.com/en/blog/owasp-top-10-for-llm-vulnerabilities https://www.eresussec.com/en/blog/owasp-top-10-for-llm-vulnerabilities Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[The Art of LLM Jailbreaking: Demystifying Offensive Prompt Engineering]]> https://www.eresussec.com/en/blog/llm-jailbreaking-red-teaming-tactics https://www.eresussec.com/en/blog/llm-jailbreaking-red-teaming-tactics Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[AI Compliance Crisis: Navigating GDPR/KVKK in RAG Architectures]]> https://www.eresussec.com/en/blog/gdpr-kvkk-compliance-for-rag-ai-models https://www.eresussec.com/en/blog/gdpr-kvkk-compliance-for-rag-ai-models Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[The Rise of Corporate Deepfakes and Vishing: AI-Powered Social Engineering]]> https://www.eresussec.com/en/blog/deepfake-vishing-ai-social-engineering https://www.eresussec.com/en/blog/deepfake-vishing-ai-social-engineering Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[The Rise of the Certified AI Security Professional (CAISP): Reimagining Enterprise Pentesting]]> https://www.eresussec.com/en/blog/certified-ai-security-professional https://www.eresussec.com/en/blog/certified-ai-security-professional Tue, 14 Apr 2026 00:00:00 GMT <![CDATA[Bug Bounties for AI Systems: Harnessing Crowdsourced Security for LLMs]]> https://www.eresussec.com/en/blog/bug-bounty-for-ai-systems https://www.eresussec.com/en/blog/bug-bounty-for-ai-systems Tue, 14 Apr 2026 00:00:00 GMT