CyberDesserts
Learn Cybersecurity By Doing

Latest

05
Jul
LiteLLM Security: Your AI Gateway Is a Secrets Manager. Benchmark It Like One

LiteLLM Security: Your AI Gateway Is a Secrets Manager. Benchmark It Like One

July 2026 An AI gateway is a secrets manager wearing a router's clothes. LiteLLM, the most widely adopted
7 min read
05
Jul
External Attack Surface Management: Seeing What Attackers Already See

External Attack Surface Management: Seeing What Attackers Already See

July 2026 For years, security ran on a simple mental model: build the walls high, dig the moat deep, and
13 min read
03
Jul
Your AI Coding Assistant's Config Folder Is a Persistence Surface

Your AI Coding Assistant's Config Folder Is a Persistence Surface

Supply-chain malware started writing into the config files your coding agent reads on every run. Nothing in the usual toolchain is watching that surface.
10 min read
01
Jul
The EU AI Act as an engineering machine: build requirements, high-risk use case tiles, provider and deployer roles, an August 2026 deadline, and euro penalty weights.

The EU AI Act Lands on Your Codebase, Not Just Your Legal Team

July 2026 The EU AI Act describes engineering work. Risk management, logging, human oversight, resilience against attackers: these are build
6 min read
23
Jun
What Is Scanning My Server? An Internet Scanner Reference

What Is Scanning My Server? An Internet Scanner Reference

You found a line in your logs you do not recognise. CensysInspect, Shodan-Pull/1.0, visionheight.com/scan, a
8 min read
21
Jun
Quantum Is Breaking Your Cryptography. The Question Is When It Matters.

Quantum Is Breaking Your Cryptography. The Question Is When It Matters.

June 2026 You can settle your organisation's quantum exposure in three numbers, without guessing when a quantum computer
9 min read
20
Jun
The Agent Control Plane: Security's Third Sprawl

The Agent Control Plane: Security's Third Sprawl

June 2026 Every major platform vendor is shipping an agent control plane this year, and most of them are selling
9 min read
20
Jun
Claude Code welcome screen with its pixel-art night scene and the terminal theme selection menu.

Claude Code Security Review: CodeGuard vs the Built-in Tools

June 2026 Claude Code can review your code for security flaws. Type /security-review and it scans your project for
6 min read
24
May
What is a JA3 Fingerprint? How TLS Client Fingerprinting Works

What is a JA3 Fingerprint? How TLS Client Fingerprinting Works

Recognise the software behind any encrypted connection from its TLS handshake alone. How JA3 fingerprinting works, how to read one, and what a single hash reveals about shared attacker tooling.
7 min read
23
May
AndroxGh0st and the limits of TLS fingerprinting

AndroxGh0st and the limits of TLS fingerprinting

May 2026 The same scanner toolkit AWS attributed to Interlock ransomware in March 2026 also runs AndroxGh0st credential theft and
11 min read