On-Prem Red Team AI — engineering notes from the front line
Deep dives, comparisons and field reports on autonomous red team AI, generative pentesting, deep-packet traffic intelligence, NIS2/DORA, and how to operate them air-gapped.
- OT SecurityCritical InfrastructureICS
909 Exposed Tank Gauges: OT Critical Infrastructure on the Open Internet
909 US fuel tank gauges sit on the public internet, and CISA says attackers are running commands on them. A look at why OT critical infrastructure is invisible to endpoint security — and what actually sees it.
6 min read - CitrixBleed 3NetScalerIdentity Edge
CitrixBleed 3: Why a March NetScaler Bug Is Your June Emergency
CVE-2026-3055 (CitrixBleed 3) was patched on 23 March. In early June, Fortinet confirmed large-scale exploitation. Here is why the patch alone never closed the door.
7 min read - Supply ChainnpmeBPF
IronWorm npm: when Trusted Publishing becomes the attack surface
JFrog disclosed IronWorm on 3 June: an npm worm with a Rust binary, eBPF rootkit, Tor C2, and self-propagation via npm Trusted Publishing OIDC tokens.
7 min read - HTTP/2 BombCVE-2026-49975AI Pentest
HTTP/2 Bomb (CVE-2026-49975): when an AI agent chained two decade-old primitives nobody had composed
Codex composed HPACK amplification and Slowloris stalling into a 5,700:1 DoS chain hitting nginx, Apache, IIS, Envoy and Pingora — 880,000 servers exposed. The defensive lesson is symmetric.
7 min read - PAN-OSVPN Auth BypassContinuous Compliance
PAN-OS CVE-2026-0257: when GlobalProtect is patched and exploitable at the same time
Palo Alto patched the GlobalProtect cookie-forge auth bypass on May 13. The exploit still works on patched firewalls if the portal reuses its TLS certificate. Patch state is not configuration state.
8 min read - Silent Ransom GroupLaw FirmsTraffic Analysis
Silent Ransom Group Is Walking Into Law Firms — And EDR Can't See It
FBI FLASH-20260526-01 warns Silent Ransom Group (Luna Moth, UNC3753) is infiltrating US law firms by phone, by RDP — and, when those fail, by walking in with a USB stick. 38+ firms leaked. Endpoint stack misses it; wire-side traffic ML doesn't.
9 min read - FortiClient EMSCVE-2026-35616EKZ Infostealer
FortiClient EMS CVE-2026-35616: when the security vendor's management plane ships the malware
The EKZ infostealer arrived on managed endpoints disguised as a Fortinet patch — pushed through the FortiClient EMS API after an unauthenticated bypass. Two months between disclosure and active campaign, and Fortinet still hasn't published IOCs.
8 min read - AI Agent AttacksMarimo CVE-2026-39987Cloud Credential Theft
AI Agent Post-Exploitation Is Real: Marimo CVE-2026-39987 and the 60-Minute Pivot Chain
On May 10, 2026 Sysdig recorded what looks like the first AI-agent-driven post-exploitation in the wild — Marimo CVE-2026-39987 to PostgreSQL exfiltration in under an hour, across 11 egress IPs. What it changes for defenders.
8 min read - Supply Chain AttackBotnetAI Traffic Analysis
Glassworm Takedown: When C2 Hides in Solana, BitTorrent, and Google Calendar
On 2026-05-26 CrowdStrike, Google, and Shadowserver coordinated the takedown of Glassworm, a developer-targeting supply-chain botnet that ran command-and-control over Solana memo fields, BitTorrent DHT, and Google Calendar event titles.
8 min read