DEV Community

Ksenia Rudneva profile picture

Ksenia Rudneva

I hunt for vulnerabilities and explore how attacks really work. Expect deep dives into protocols, packet‑level mysteries, and surprising weak spots in everyday systems.

Joined Joined on 
Agent Skill Marketplace Vulnerable to Supply Chain Attacks: Standardized Security Scanning Proposed
kserude profile

Agent Skill Marketplace Vulnerable to Supply Chain Attacks: Standardized Security Scanning Proposed

#security #github #ai #supplychain
Comments
14 min read
ONNX `silent=True` Disables Security Checks, Exposing ML Models to Supply Chain Attacks: Solution Needed
kserude profile

ONNX `silent=True` Disables Security Checks, Exposing ML Models to Supply Chain Attacks: Solution Needed

#onnx #security #machinelearning #supplychain
Comments
11 min read
DarkSword iOS Exploit Analysis: Evaluating Lookout's LLM-Assisted Findings Against Other Research Teams
kserude profile

DarkSword iOS Exploit Analysis: Evaluating Lookout's LLM-Assisted Findings Against Other Research Teams

#cybersecurity #ai #darksword #ios
1
Comments
12 min read
Claude Code CLI Vulnerability: Malicious Configs Bypass Trust Dialog, Enabling Unauthorized Permission Elevation
kserude profile

Claude Code CLI Vulnerability: Malicious Configs Bypass Trust Dialog, Enabling Unauthorized Permission Elevation

#security #vulnerability #cli #permissions
Comments
10 min read
Simplifying Cybersecurity Frameworks: Practical Solutions for Startups to Implement ISO 27001 and NIST
kserude profile

Simplifying Cybersecurity Frameworks: Practical Solutions for Startups to Implement ISO 27001 and NIST

#cybersecurity #startup #iso27001 #nist
Comments
11 min read
AI/ML Infrastructure Vulnerabilities Expose Systems to Security Risks: Patching and Mitigation Strategies Proposed
kserude profile

AI/ML Infrastructure Vulnerabilities Expose Systems to Security Risks: Patching and Mitigation Strategies Proposed

#security #aiml #vulnerabilities #rce
1
Comments
13 min read
GlassWorm Malware Campaign Steals Crypto Seeds via Obfuscation, Chrome Exploit, and Social Engineering: Mitigation Strategies
kserude profile

GlassWorm Malware Campaign Steals Crypto Seeds via Obfuscation, Chrome Exploit, and Social Engineering: Mitigation Strategies

#malware #cryptocurrency #obfuscation #exploitation
1
Comments
10 min read
Efficiently Locating and Analyzing PoC Code for CVEs with Contextual Information Integration
kserude profile

Efficiently Locating and Analyzing PoC Code for CVEs with Contextual Information Integration

#cybersecurity #poc #cve #ai
Comments
8 min read
Windows Vulnerability CVE-2025-59284: Incomplete Patch Enables NetNTLM Hash Phishing During Archive Extraction
kserude profile

Windows Vulnerability CVE-2025-59284: Incomplete Patch Enables NetNTLM Hash Phishing During Archive Extraction

#windows #vulnerability #netntlm #patching
Comments
14 min read
Self-Hosted Email Threat Detection: Real-Time Monitoring, Multi-Stage Enrichment, and LLM Verdicts with Legal Compliance
kserude profile

Self-Hosted Email Threat Detection: Real-Time Monitoring, Multi-Stage Enrichment, and LLM Verdicts with Legal Compliance

#cybersecurity #email #selfhosted #llm
1
Comments
15 min read
Enhancing Cybersecurity with Hypervisors: Current Practices, Future Advancements, and Nova Design Rationale
kserude profile

Enhancing Cybersecurity with Hypervisors: Current Practices, Future Advancements, and Nova Design Rationale

#cybersecurity #hypervisor #virtualization #isolation
Comments
9 min read
Addressing Security Risks: Replacing Unscoped API Keys with Fine-Grained Access Control in AI Agent Frameworks
kserude profile

Addressing Security Risks: Replacing Unscoped API Keys with Fine-Grained Access Control in AI Agent Frameworks

#security #ai #api #authentication
Comments
11 min read
66% of MCP Servers Have Critical Security Vulnerabilities: Urgent Patching and Audits Needed
kserude profile

66% of MCP Servers Have Critical Security Vulnerabilities: Urgent Patching and Audits Needed

#security #vulnerabilities #mcp #patching
1
Comments
13 min read
Alipay App Vulnerabilities Enable Silent GPS Exfiltration; Vendor Denies Issue Despite High CVSS Scores
kserude profile

Alipay App Vulnerabilities Enable Silent GPS Exfiltration; Vendor Denies Issue Despite High CVSS Scores

#security #vulnerabilities #gps #exfiltration
1
Comments
10 min read
Microsoft's Software Ecosystem Faces 79 Vulnerabilities: Urgent Patching and Mitigation Strategies Required
kserude profile

Microsoft's Software Ecosystem Faces 79 Vulnerabilities: Urgent Patching and Mitigation Strategies Required

#cybersecurity #vulnerabilities #patching #zerodays
2
Comments
16 min read
Drywall Foreman in Ontario Demands $35/Hour Wage Review: Is the Pay Fair for the Responsibilities and Workload?
kserude profile

Drywall Foreman in Ontario Demands $35/Hour Wage Review: Is the Pay Fair for the Responsibilities and Workload?

#compensation #construction #leadership #risk
Comments
13 min read
Pac4j-JWT Authentication Bypass Vulnerability Undetected for Six Years Despite Advanced Security Tools
kserude profile

Pac4j-JWT Authentication Bypass Vulnerability Undetected for Six Years Despite Advanced Security Tools

#security #vulnerability #ai #auditing
Comments
9 min read
Basic Operator Exploits Weak FortiGate Passwords in 55 Countries Using AI, Compromising 600+ Devices Without Zero-Days.
kserude profile

Basic Operator Exploits Weak FortiGate Passwords in 55 Countries Using AI, Compromising 600+ Devices Without Zero-Days.

#cybersecurity #ai #fortigate #passwords
Comments
12 min read
Phishing Campaign Exploits Google Cloud Storage Domain: Redirects to Credential Harvesting Sites
kserude profile

Phishing Campaign Exploits Google Cloud Storage Domain: Redirects to Credential Harvesting Sites

#phishing #cloud #security #exploitation
Comments
8 min read
Post-Quantum TLS Signatures Increase Handshake Size: Solutions to Mitigate Performance and Compatibility Issues
kserude profile

Post-Quantum TLS Signatures Increase Handshake Size: Solutions to Mitigate Performance and Compatibility Issues

#quantum #tls #cryptography #latency
Comments
13 min read
Navigating Legal and Compliance Challenges in Tech Content Aggregation: Balancing Data Privacy, IP Rights, and Liability Risks
kserude profile

Navigating Legal and Compliance Challenges in Tech Content Aggregation: Balancing Data Privacy, IP Rights, and Liability Risks

#compliance #iprights #dataprivacy #liability
Comments
8 min read
loading...