Tokenless

Vulnerability research

Beyond phishing: Cyber threats in the age of AI with Four Flynn (pt. 1)

Beyond phishing: Cyber threats in the age of AI with Four Flynn (pt. 1)

VP of Security and Privacy at Google DeepMind, Four Flynn, discusses the landmark 'Operation Aurora' cyberattack, the 'defender's dilemma,' and how AI is now being used both to create novel threats and to build a new generation of defenses to find and automatically patch software vulnerabilities.

Email Spoofing with SMTP Smuggling: How the Shared Email Infrastructures Magnify this Vulnerability

Email Spoofing with SMTP Smuggling: How the Shared Email Infrastructures Magnify this Vulnerability

SMTP smuggling is a critical vulnerability allowing email spoofing that bypasses standard authentication protocols like SPF and DMARC. This research presents a large-scale study on its prevalence, uncovering widespread issues due to shared infrastructure and incomplete patches, and introduces a novel, non-intrusive methodology for ethically testing private email services.