SecTor 2025 | One Agent to Rule Them All: How One Malicious Agent Hijacks A2A System

"One Agent to Rule Them All" by cybersecurity researchers Stav Cohen and Adar Peleg.

Core Theme
The presentation highlights a novel and severe security vulnerability in Generative AI Multi-Agent Systems (MAS). The researchers demonstrate how an attacker can use a technique called "AgentWare" to compromise an entire enterprise AI network simply by introducing a malicious agent into the system.

Key Concepts & Background
GenAI Agents: Unlike simple chatbots, AI agents can understand goals, plan steps, execute actions using internal tools (APIs, databases), and collaborate with other agents to solve complex tasks.
Promptware: Malicious…

Black Hat USA 2025 | LLM-Driven Reasoning for Automated Vulnerability Discovery Behind Hall-of-Fame

This video is a Black Hat USA 2025 talk titled “BinWhisper: LLM-Driven Reasoning for Automated Vulnerability Discovery Behind Hall-of-Fame” by Qinrun Dai and Yifei Xie. The core idea is that vulnerability research still depends heavily on either manual auditing or fuzzing, and the speakers argue that LLMs are most useful not as fully autonomous hackers, but as structured reasoning helpers inside a guided workflow. The talk starts with a manual reverse-engineering walkthrough of CVE-2024-34587, using a Samsung video/RTCP parsing path as the example. They show that the actual…

Black Hat USA 2025 | AI Agents for Offsec with Zero False Positives

Summary
Using Large Language Models (LLMs) for offensive security (vulnerability discovery) currently results in an overwhelming number of false positives. To solve this, Dolan-Gavitt proposes shifting away from asking AI to "grade its own homework." Instead, security teams must use Non-AI Deterministic Validation—forcing the AI agent to provide undeniable, mathematically verifiable proof that an exploit works.

The Problem: The Specter of False Positives
When LLMs are fed source code and asked to find vulnerabilities, they confidently hallucinate bugs. This is a mathematical inevitability due to the Bayesian Base Rate Fallacy.…

Black Hat USA 2025 | Racing for Privilege

The main point is that Intel’s modern Spectre v2 defenses, especially eIBRS, can fail because branch predictor updates happen asynchronously. The researchers show that this timing creates “Branch Predictor Race Conditions” (BPRC), where branch predictions can be learned or applied with the wrong privilege context. In practice, that breaks intended isolation boundaries such as user-to-kernel, guest-to-hypervisor, and even barriers meant to flush unsafe predictions. The talk’s key attack is called Branch Privilege Injection (BPI). In plain English: an unprivileged process can trick the CPU into treating attacker-controlled branch…