Labs Archive

Silent Brothers | Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails

Gabriel Bernadett-Shapiro & Silas Cutler (Censys) / January 29, 2026

Analysis of 175,000 open-source AI hosts across 130 countries reveals a vast compute layer susceptible to resource hijacking and code execution attacks.

LABScon

LABScon25 Replay | How to Bug Hotel Rooms v2.0

LABScon / January 21, 2026

Dan Tentler reveals how consumer hardware coupled with Home Assistant can monitor hotel rooms, detect occupants through walls, and trigger automated alerts.

AI Research

LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams

Gabriel Bernadett-Shapiro & Edir Garcia Lazo / January 20, 2026

LLM cybersecurity benchmarks fail to measure what defenders need: faster detection, reduced containment time, and better decisions under pressure.

LABScon

LABScon25 Replay | Hacktivism and War: A Clarifying Discussion

LABScon / January 14, 2026

Jim Walter unpacks the hacktivist landscape and reveals how to distinguish different levels of threat based on persona characteristics.

Security Research

Inside the LLM | Understanding AI & the Mechanics of Modern Attacks

Phil Stokes / January 13, 2026

Learn how attackers exploit tokenization, embeddings and LLM attention mechanisms to bypass LLM security filters and hijack model behavior.

Security & Intelligence

LLMs & Ransomware | An Operational Accelerator, Not a Revolution

Gabriel Bernadett-Shapiro, Jim Walter & Alex Delamotte / December 15, 2025

LLMs make competent ransomware crews faster and novices more dangerous. The risk is not superintelligent malware, but rather industrialized extortion.

Security & Intelligence

Malicious Apprentice | How Two Hackers Went From Cisco Academy to Cisco CVEs

Dakota Cary / December 10, 2025

Read how two Cisco Network Academy Cup winners went from students to operators behind Salt Typhoon, a global cyber espionage campaign targeting telecoms.

LABScon

LABScon25 Replay | Simulation Meets Reality: How China’s Cyber Ranges Fuel Cyber Operations

LABScon / November 25, 2025

Mei Danowski & Eugenio Benincasa unpack how Chinese firms running attack-defense exercises fuel state-linked offensive cyber operations.

Security Research

Threat Hunting Power Up | Enhance Campaign Discovery With Validin and Synapse

Tomas Gatial / November 17, 2025

Accelerate adversary tracking and reveal hidden infrastructure with our open-source Synapse Rapid Power-Up for Validin.

LABScon

LABScon25 Replay | LLM-Enabled Malware In the Wild

LABScon / November 3, 2025

Learn how to detect malware that generates code at runtime. SentinelLABS reveals hunting techniques and how to uncover novel AI-enabled threats.

From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence

Silent Brothers | Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails

LABScon25 Replay | How to Bug Hotel Rooms v2.0

LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams

LABScon25 Replay | Hacktivism and War: A Clarifying Discussion

Inside the LLM | Understanding AI & the Mechanics of Modern Attacks

LLMs & Ransomware | An Operational Accelerator, Not a Revolution

Malicious Apprentice | How Two Hackers Went From Cisco Academy to Cisco CVEs

LABScon25 Replay | Simulation Meets Reality: How China’s Cyber Ranges Fuel Cyber Operations

Threat Hunting Power Up | Enhance Campaign Discovery With Validin and Synapse

LABScon25 Replay | LLM-Enabled Malware In the Wild