The Cyber Archive
The Cyber Archive
Subscribe
Security domain
V

Vulnerability Research

All Deep Dives For Infosec Conference Talks Covering Vulnerability Research. Talks analyzed in full.

8 deep dives
6 conferences

Latest deep dives

Tenderizing the Target | [un]prompted 2026
Unprompted 2026

Tenderizing the Target | [un]prompted 2026

Learn how NVIDIAs Project Marinade uses LLM coding agents to inject realistic, tunable vulnerabilities into real codebases - giving you ground-truth benchmarks to evaluate your security tools.

Aaron Grattafiori Skyler Bingham 22 April 2026
 I SPy - Rethinking Entra ID research for new paths to Global Admin
Fwd cloudsec north america 2025

I SPy - Rethinking Entra ID research for new paths to Global Admin

Discover how Entra ID service principal hijacking chains credential backdooring, federated domain abuse, and SAML token forgery into a full Global Admin escalation.

Katie Knowles 20 April 2026
 Vibe Check: Security Failures in AI-Assisted IDEs | [un]prompted 2026
Unprompted 2026

Vibe Check: Security Failures in AI-Assisted IDEs | [un]prompted 2026

Discover how 37 AI-assisted IDE vulnerabilities across 15+ vendors enable zero-click RCE, prompt injection chains, and silent config poisoning — and how to test your tools.

Piotr Ryciak 15 April 2026
 Black-hat LLMs | [un]prompted 2026
Unprompted 2026

Black-hat LLMs | [un]prompted 2026

Discover how LLMs now autonomously find and exploit zero-day vulnerabilities in the Linux kernel and Ghost CMS — and what the AI capability curve means for defenders right now.

Nicholas Carlini 13 April 2026
 AI go Beep Boop! | [un]prompted 2026
Unprompted 2026

AI go Beep Boop! | [un]prompted 2026

Learn how AI cut a 6-week chip glitching failure to 7 minutes. Discover how LLMs guide EM fault injection and design hardware hacking platforms on a $7 Pico.

Adam Laurie 31 March 2026
 FENRIR: AI Hunting for AI Zero-Days at Scale | [un]prompted 2026
Unprompted 2026

FENRIR: AI Hunting for AI Zero-Days at Scale | [un]prompted 2026

Discover how Trend Micro's FENRIR engine chains SAST tools, fast LLM triage, and agentic sandboxes to find 60+ CVEs at $8.80 per true positive.

Peter Girnus Derek Chen 8 April 2026
 Evaluating Threats & Automating Defense at Google
Unprompted 2026

Evaluating Threats & Automating Defense at Google

Discover how Google's Big Sleep and Code Mender use agentic AI to find and patch deep memory safety bugs with zero false positives.

Heather Adkins Four Flynn 30 March 2026
 Sanitize Client-Side: Why Server-Side HTML Sanitization is Doomed to Fail
Owasp global appsec usa 2024

Sanitize Client-Side: Why Server-Side HTML Sanitization is Doomed to Fail

Learn why server-side HTML sanitization is structurally broken and how client-side tools like DOMPurify eliminate parser differential XSS bypasses.

Yaniv Nizry 12 February 2026