API security

3 posts

340 million records, unverified seller

Technical analysis of plausible attack vectors behind the claimed OnlyFans 340M record leak, with detection signatures for each path.

May 25, 2026

Article

Audi wired vehicles into a consumer auth flow

Audi Connected Vehicle security from an operator view: the boundary is no longer the key, it is the identity layer behind the myAudi app.

May 16, 2026

Article

AI-Driven Attacks Expose a Fundamental Control Failure

Large-scale automated login attempts in Q2 2024 highlight a critical control failure: identity enforcement at request boundaries. The real risk is not AI, but trusting input based on origin rather than verification.

Apr 13, 2026