Operationalizing Cyber Attack Prediction: A Gap-Prioritized Framework with Dataset and Model Selection Guidelines

While AI and machine learning for cyber attack prediction have advanced, a critical gap persists between theoretical research and practical operational deployment. Building on Ankalaki et al. 2025, this paper provides a comprehensive analysis of 150+ benchmark datasets and 200+ studies to identif...

On the Ethics of Using LLMs for Offensive Security

Large Language Models LLMs have rapidly evolved over the past few years and are currently evaluated for their efficacy within the domain of offensive cyber-security. While initial forays showcase the potential of LLMs to enhance security research, they also raise critical ethical concerns regardi...

23andMe and its customers’ genetic data bought by a pharmaceutical org

The bankrupt genetic testing company 23andMe has been scooped up by drug producer Regeneron Pharmaceuticals for $256 million dollars. But why would a pharmaceutical company like Regeneron buy a bankrupt genetics testing company like 23andMe for such a large amount of money? Well, Regeneron is a...

“Nudify” deepfakes stored unprotected online

Yesterday, we told you about how millions of pictures from specialized dating apps had been stored online without any kind of password protection. Now it's the turn of an AI "nudify" service. A researcher, famous for finding unprotected cloud storage buckets, has uncovered an unprotected AWS buck...

The New York Times vs. OpenAI: A Turning Point for Web Scraping?

In a recent blog, we covered the blurry lines of legality surrounding web scraping and how the advent of artificial intelligence AI and large language models LLMs further complicates the matter. Shortly after publishing the blog, a significant legal development began unfolding: The New York Times...

Exploit for Cross-site Scripting in Modcluster Mod_Proxy_Cluster

CVE-2023-6710 Exploit POC Explore the depths of CVE-2023-6710...

Removing the human: When should AI be used in emotional crisis? Lock and Code S03E09

In January, a mental health nonprofit admitted that it had used Artificial Intelligence to help talk to people in distress. Prompted first by a user's longing for personal improvement--and the difficulties involved in that journey--the AI tool generated a reply, which, with human intervention,...

“Ethnicity recognition” tool listed on surveillance camera app store built by fridge-maker’s video analytics startup

The bizarre promotional video promises “Face analysis based on best of breed Artificial Intelligence algorithms for Business Intelligence and Digital Signage applications.” What follows is footage of a woman pushing her hair behind her ears, a man grimacing and baring his teeth, and an actor in a...

Scalpers, and their bot armies, swing in to net web-based Spiderman tickets

29 November 2021 was “Spider Monday” and tickets for Marvel’s film Spider-Man: No Way Home went on sale with the sort of marketing fervor for which Disney and the Marvel Cinematic Universe MCU are famous. As tickets to one of the most eagerly anticipated Christmas films featuring one of the most...

A Ban on Ad Targeting: Why Did EU Regulators Call for It?

By Waqas Brands use ad targeting to attract potential customers but is it an ethical approach? Why is the EU asking for a ban on ad targeting? This is a post from HackRead.com Read the original post: A Ban on Ad Targeting: Why Did EU Regulators Call for It?...

Facial recognition: tech giants take a step back

Last week, a few major tech companies informed the public that they will not provide facial recognition software to law enforcement. These companies are concerned about the way in which their technology might be used. What happens when software that threatens our privacy falls into the hands of...

Exploit for Improper Input Validation in Nema Dicom_Standard

Bad-DICOM PoC of my handcrafted CVE-2019-11687's exploit tool...

Facial recognition technology: force for good or privacy threat?

All across the world, governments and corporations are looking to invest in or develop facial recognition technology. From law enforcement to marketing campaigns, facial recognition is poised to make a splashy entrance into the mainstream. Biometrics are big business, and third party contracts...

Researchers: MedSec, Muddy Waters Set Bad Precedent With St. Jude Medical Short

Security researchers warn mixing vulnerability disclosures with stock market bets sets a troubling precedent that erodes confidence in the relationship between businesses and white hat hackers who help uncover threats. Researchers are responding to the unprecedented partnership between security...

Carna Botnet Analysis Enumerates Vulnerable Network Devices

The Carna botnet, more formally known as the Internet Census 2012, stirred up a hornet’s nest of controversy when it was unveiled in March to a number of popular security mailing lists. An unidentified researcher had found more than 420,000 embedded devices that were accessible online with defaul...

RSA 2011: Winning the War But Losing Our Soul

There was lots of noise and distraction on the crowded Expo floor of the RSA Security Conference this year. After a grueling couple of years, vendors were back in force with big booths, big news and plenty of entertainment designed to attract visitor traffic. Wandering the floor, I saw – variousl...