System Weakness - Medium

Receive updates from System Weakness - Medium for free, starting right now.

We can deliver them by email, via your phone or you can read them from a personalised news page on follow.it.

This way you won't miss any new article from System Weakness - Medium. Unsubscribe at any time.

Site title: Just a moment...

Is this your feed? Claim it!

Publisher: Unclaimed!

Message frequency: 4.47 / day

Message History

I Found Hardcoded Credentials in a Single Command Line (APT29 Part 4)9 hrs

Inside The Breach

Manish Rawat

The clearest evidence of lateral movement in the entire APT29 dataset fit in one command line. No obfuscation, no evasion, just a username, password, and remote payload path sitting in plain text where anyone running the right query could see&...

Read full story

Part 4: Context Injection & Over-Sharing - Exploiting Context Boundaries in AI Agents9 hrs

Welcome back to the AI/LLM vulnerability research series.

In Part 1, we built a local AI agent lab to simulate real-world behavior.
In Part 2, we explored persistent memory poisoning - where malicious influence survives across interactions.
In Part 3, we demonstrated tool authority injection - where tools become trusted policy enforcers.

Each of these a...

Read full story

84% of Developers Now Use AI Coding Tools Daily — But Only 29% Trust What They Ship to Production.9 hrs

84% of Developers Now Use AI Coding Tools Daily — But Only 29% Trust What They Ship to Production. I Ran the Numbers on Real Systems.The April 2026 surveys are in: massive adoption, shockingly low trust. I’ve shipped at 400k+ RPS with heavy AI assistance. Here’s exactly why most teams are one bad merge away from an expensive outage — and the fix that actually works.

...

Read full story