The article explains how flat enterprise networks enable easy lateral movement and domain compromise. It shows how Active Directory tiering models segment privileges and systems to prevent attackers from escalating access.
(CVE-2026-0714) TPM-sniffing LUKS Keys on an Embedded Device
Researchers discovered CVE-2026-0714 where a Moxa embedded device leaks its LUKS disk key in plaintext over the TPM SPI bus during boot. By sniffing TPM communication with a logic analyzer, attackers with physical access can recover the encryption key.
When Local AI Becomes an Attack Vector: A Deep Dive into LLM Infrastructure Security
The article analyzes a real deployment of a low-privileged on-prem LLM server and shows that even restricted models can expose internal systems through APIs, RAG pipelines, and data access, creating new enterprise attack surfaces.