Sign up to save your podcasts
Or
Share ThinkstScapes Research Roundup - Q4 - 2025
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
ThinkstScapes Research Roundup - Q4 - 2025
Networking beyond plug-and-playGET /large file HTTP/1.1: Connection-Based TCP Amplification Attacks
Yepeng Pan, Lars Richter, and Christian Rossow
[Paper] [Code]
WAFFLED: Exploiting Parsing Discrepancies to Bypass Web Application FirewallsSeyed Ali Akhavani, Bahruz Jabiyev, Ben Kallus, Cem Topcuoglu, Sergey Bratus, and Engin Kirda
[Paper] [Code]
Excuse me, what precise time is it?Oliver Ettlin
[Video]
Cut To The QUIC: Slashing QUIC's Performance With A Hash DoSPaul Bottinelli
[Slides] [Code]
High-impact security at the foundationsUnderstanding the Security Impact of CHERI on the Operating System KernelZhaofeng Li, Jerry Zhang, Joshua Tlatelpa-Agustin, Xiangdong Chen, and Anton Burtsev
[Code] [Paper]
CUDA de Grâce: Owning AI Cloud Infrastructure with GPU ExploitsValentina Palmiotti and Samuel Lovejoy
[Video]
Defeating KASLR by Doing Nothing at AllSeth Jenkins
[Blog post] [Code]
Build a Fake Phone, Find Real Bugs: Qualcomm GPU Emulation and Fuzzing with LibAFL QEMURomain Malmain and Scott Bauer
[Code] [Video]
Rust in Android: move fast and fix thingsJeff Vander Stoep
[Blog post] [Rust course]
Skynet Starter Kit: From Embodied AI Jailbreak to Remote Takeover of Humanoid RobotsShipei Qu, Zikai Xu, and Xuangan Xiao
[Video]
Wins and losses with LLMs and securityScaling agentic architectures for autonomous security testing and offensive operationsJason Garman, Jake Coyne, and Aaron Brown
[Slides] [Code]
Forced Descent: Google Antigravity Persistent Code Execution VulnerabilityAaron Portnoy
[Blog post]
Flaw And Order: Finding The Needle In The Haystack Of CodeQL Using LLMsSimcha Kosman
[Slides] [Blog post] [Code]
Rescuing the Unpoisoned: Efficient Defense against Knowledge Corruption Attacks on RAG SystemsKim Minseok, Lee Hankook, and Koo Hyungjoon
[Code] [Paper]
Whisper Leak: A novel side-channel attack on remote language modelsJonathan Bar Or and Geoff McDonald
[Blog post] [Paper] [Code]
Nifty sundriesFormat-Preserving Compression-Tolerating Authenticated Encryption for ImagesAlexandra Boldyreva, Kaishuo Cheng, and Jehad Hussein
[Slides] [Paper]
Why Quantum Cryptanalysis is BollocksPeter Gutmann
[Video] [Slides]
Unmasking Organizations' Security Postures: Insights From Phishing-Resistant AuthenticationFei Liu
[Slides]
Those Who Do Not Learn from Advisories Are Doomed to Repeat ThemLouis Nyffenegger
[Video]
View all episodes
By Jacob Torrey, [email protected], haroon meer, marco slaviero
5
11 ratings
Networking beyond plug-and-playGET /large file HTTP/1.1: Connection-Based TCP Amplification Attacks
Yepeng Pan, Lars Richter, and Christian Rossow
[Paper] [Code]
WAFFLED: Exploiting Parsing Discrepancies to Bypass Web Application FirewallsSeyed Ali Akhavani, Bahruz Jabiyev, Ben Kallus, Cem Topcuoglu, Sergey Bratus, and Engin Kirda
[Paper] [Code]
Excuse me, what precise time is it?Oliver Ettlin
[Video]
Cut To The QUIC: Slashing QUIC's Performance With A Hash DoSPaul Bottinelli
[Slides] [Code]
High-impact security at the foundationsUnderstanding the Security Impact of CHERI on the Operating System KernelZhaofeng Li, Jerry Zhang, Joshua Tlatelpa-Agustin, Xiangdong Chen, and Anton Burtsev
[Code] [Paper]
CUDA de Grâce: Owning AI Cloud Infrastructure with GPU ExploitsValentina Palmiotti and Samuel Lovejoy
[Video]
Defeating KASLR by Doing Nothing at AllSeth Jenkins
[Blog post] [Code]
Build a Fake Phone, Find Real Bugs: Qualcomm GPU Emulation and Fuzzing with LibAFL QEMURomain Malmain and Scott Bauer
[Code] [Video]
Rust in Android: move fast and fix thingsJeff Vander Stoep
[Blog post] [Rust course]
Skynet Starter Kit: From Embodied AI Jailbreak to Remote Takeover of Humanoid RobotsShipei Qu, Zikai Xu, and Xuangan Xiao
[Video]
Wins and losses with LLMs and securityScaling agentic architectures for autonomous security testing and offensive operationsJason Garman, Jake Coyne, and Aaron Brown
[Slides] [Code]
Forced Descent: Google Antigravity Persistent Code Execution VulnerabilityAaron Portnoy
[Blog post]
Flaw And Order: Finding The Needle In The Haystack Of CodeQL Using LLMsSimcha Kosman
[Slides] [Blog post] [Code]
Rescuing the Unpoisoned: Efficient Defense against Knowledge Corruption Attacks on RAG SystemsKim Minseok, Lee Hankook, and Koo Hyungjoon
[Code] [Paper]
Whisper Leak: A novel side-channel attack on remote language modelsJonathan Bar Or and Geoff McDonald
[Blog post] [Paper] [Code]
Nifty sundriesFormat-Preserving Compression-Tolerating Authenticated Encryption for ImagesAlexandra Boldyreva, Kaishuo Cheng, and Jehad Hussein
[Slides] [Paper]
Why Quantum Cryptanalysis is BollocksPeter Gutmann
[Video] [Slides]
Unmasking Organizations' Security Postures: Insights From Phishing-Resistant AuthenticationFei Liu
[Slides]
Those Who Do Not Learn from Advisories Are Doomed to Repeat ThemLouis Nyffenegger
[Video]
More shows like ThinkstScapes
View all
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
The Jordan Harbinger Show
11,989 Listeners