N-days Are Becoming N-hours
Anthropic's June 2026 N-day research shows how frontier models can turn public patches into working exploits in hours. Here's what defenders should change now.
Security Research & Analysis
Offensive thinking.
Offensive thinking.
Defensive expertise.
In-depth red team research, blue team strategy — and privacy-first security tools that run entirely in your browser. No accounts. No telemetry. No data leaves your machine.
Featured
Latest research
Archive
Recent posts
Court Said Stop. Meta Says NSO Group Didn't Listen.
Meta says NSO Group violated a federal court's permanent injunction within months of receiving it by running new social engineering attempts against WhatsApp users. Meta is now seeking contempt of court.
Meta's Hidden NameTag: Facial Recognition Code for Smart Glasses Is Already in a 50M-Download App
Wired found dormant facial recognition code in Meta's AI app. It has not been activated for consumers, but researchers manually triggered a 2,048-dimensional faceprint pipeline.
Miasma and Mini Shai-Hulud: When npm Malware Learned to Persist in AI Coding Agents
Mini Shai-Hulud and Miasma show how supply chain malware can move from npm install-time execution into Claude Code hooks, VS Code tasks, and CI/CD persistence.
Post-Quantum Security: Who Is Ready?
Some vendors have already deployed post-quantum protections. Most enterprises have not. Here is who is moving first, where the gaps remain, and what security teams should do now.
You Are Now the Minority: Bots Have Officially Taken Over the Internet
2026 reports confirm bots now generate 53% of all internet traffic — the second year running that automated traffic outnumbers humans. Here's what that actually means.
The AI Evasion Lab
Sophos X-Ops uncovered a threat actor using Claude Opus 4.5 and Cursor IDE to build an automated, modular EDR evasion framework — 80 modules, 70+ techniques, tested against Sophos, CrowdStrike, and Defender.