 |
ThinkstScapesAuthor: Jacob Torrey, research@thinkst.com, haroon meer, marco slaviero
The ThinkstScapes podcast aims to distill and disseminate the cybersecurity research published worldwide. Our researchers track and review hundreds and thousands of talks (so you don't have to) and then bring this to you in small, digestible chunks. Language: en Genres: Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
ThinkstScapes Research Roundup - Q4 - 2025
Episode 18
Thursday, 12 February, 2026
Networking beyond plug-and-playGET /large file HTTP/1.1: Connection-Based TCP Amplification AttacksYepeng Pan, Lars Richter, and Christian Rossow[Paper] [Code]WAFFLED: Exploiting Parsing Discrepancies to Bypass Web Application FirewallsSeyed Ali Akhavani, Bahruz Jabiyev, Ben Kallus, Cem Topcuoglu, Sergey Bratus, and Engin Kirda[Paper] [Code]Excuse me, what precise time is it?Oliver Ettlin[Video]Cut To The QUIC: Slashing QUIC's Performance With A Hash DoSPaul Bottinelli[Slides] [Code]High-impact security at the foundationsUnderstanding the Security Impact of CHERI on the Operating System KernelZhaofeng Li, Jerry Zhang, Joshua Tlatelpa-Agustin, Xiangdong Chen, and Anton Burtsev[Code] [Paper]CUDA de Grâce: Owning AI Cloud Infrastructure with GPU ExploitsValentina Palmiotti and Samuel Lovejoy[Video]Defeating KASLR by Doing Nothing at AllSeth Jenkins[Blog post] [Code]Build a Fake Phone, Find Real Bugs: Qualcomm GPU Emulation and Fuzzing with LibAFL QEMURomain Malmain and Scott Bauer[Code] [Video]Rust in Android: move fast and fix things Jeff Vander Stoep[Blog post] [Rust course]Skynet Starter Kit: From Embodied AI Jailbreak to Remote Takeover of Humanoid RobotsShipei Qu, Zikai Xu, and Xuangan Xiao[Video]Wins and losses with LLMs and securityScaling agentic architectures for autonomous security testing and offensive operationsJason Garman, Jake Coyne, and Aaron Brown[Slides] [Code]Forced Descent: Google Antigravity Persistent Code Execution VulnerabilityAaron Portnoy[Blog post]Flaw And Order: Finding The Needle In The Haystack Of CodeQL Using LLMsSimcha Kosman[Slides] [Blog post] [Code]Rescuing the Unpoisoned: Efficient Defense against Knowledge Corruption Attacks on RAG SystemsKim Minseok, Lee Hankook, and Koo Hyungjoon[Code] [Paper]Whisper Leak: A novel side-channel attack on remote language models Jonathan Bar Or and Geoff McDonald[Blog post] [Paper] [Code]Nifty sundriesFormat-Preserving Compression-Tolerating Authenticated Encryption for ImagesAlexandra Boldyreva, Kaishuo Cheng, and Jehad Hussein[Slides] [Paper]Why Quantum Cryptanalysis is BollocksPeter Gutmann[Video] [Slides]Unmasking Organizations' Security Postures: Insights From Phishing-Resistant AuthenticationFei Liu[Slides]Those Who Do Not Learn from Advisories Are Doomed to Repeat ThemLouis Nyffenegger[Video]
