Nov 18, 2025

AI ATTACKS! How Hackers Weaponize Artificial Intelligence

AI is no longer just a tool for defense; it's being weaponized by malicious actors. This summary explores six emerging AI-powered cyber attacks, from automated login attempts and polymorphic ransomware to hyper-personalized phishing and deepfake fraud. It details how AI agents and Large Language Models (LLMs) are used to automate the entire attack kill chain, significantly lowering the skill barrier for attackers and necessitating an evolution in cyber defense strategies.

Sep 24, 2025

Email Spoofing with SMTP Smuggling: How the Shared Email Infrastructures Magnify this Vulnerability

SMTP smuggling is a critical vulnerability allowing email spoofing that bypasses standard authentication protocols like SPF and DMARC. This research presents a large-scale study on its prevalence, uncovering widespread issues due to shared infrastructure and incomplete patches, and introduces a novel, non-intrusive methodology for ethically testing private email services.

Sep 24, 2025

‘Hey mum, I dropped my phone down the toilet’: Investigating Hi Mum and Dad SMS Scams in the UK

An empirical study of the 'hi mum and dad' SMS scam, a new interaction-based fraud technique. The research dissects the scam's lifecycle, from initial contact to financial exploitation, by analyzing scam messages, mobile network data, and mule accounts in collaboration with a UK mobile operator. Key findings reveal the psychological principles used, the abuse of mobile and financial infrastructure, and the underlying structure of scammer networks.

Jul 30, 2025

2025 Cost of a Data Breach: AI Risks, Shadow AI, & Solutions

A breakdown of key findings from the IBM 2025 Cost of a Data Breach Report, focusing on the financial impact of breaches, the dual role of AI in attacks and defense, primary threat vectors, and actionable recommendations for improving security posture.