Labs Archive

LABScon25 Replay | Your Apps May Be Gone, But the Hackers Made $9 Billion and They’re Still Here

LABScon / March 17, 2026

Andrew MacPherson exposes how crypto thieves exploit DeFi architecture, from the $1.5 billion Bybit heist to drainers-as-a-service and fund laundering.

AI Research

From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence

Aleksandar Milenkoski & Razvan Gabriel Cirstea / March 9, 2026

LLMs can turn CTI narratives into structured intelligence at scale, but speed-accuracy trade-offs demand careful design for operational defense workflows.

AI Research

Silent Brothers | Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails

Gabriel Bernadett-Shapiro & Silas Cutler (Censys) / January 29, 2026

Analysis of 175,000 open-source AI hosts across 130 countries reveals a vast compute layer susceptible to resource hijacking and code execution attacks.

LABScon

LABScon25 Replay | How to Bug Hotel Rooms v2.0

LABScon / January 21, 2026

Dan Tentler reveals how consumer hardware coupled with Home Assistant can monitor hotel rooms, detect occupants through walls, and trigger automated alerts.

AI Research

LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams

Gabriel Bernadett-Shapiro & Edir Garcia Lazo / January 20, 2026

LLM cybersecurity benchmarks fail to measure what defenders need: faster detection, reduced containment time, and better decisions under pressure.

LABScon

LABScon25 Replay | Hacktivism and War: A Clarifying Discussion

LABScon / January 14, 2026

Jim Walter unpacks the hacktivist landscape and reveals how to distinguish different levels of threat based on persona characteristics.

AI Research

Inside the LLM | Understanding AI & the Mechanics of Modern Attacks

Phil Stokes / January 13, 2026

Learn how attackers exploit tokenization, embeddings and LLM attention mechanisms to bypass LLM security filters and hijack model behavior.

AI Research

LLMs & Ransomware | An Operational Accelerator, Not a Revolution

Gabriel Bernadett-Shapiro, Jim Walter & Alex Delamotte / December 15, 2025

LLMs make competent ransomware crews faster and novices more dangerous. The risk is not superintelligent malware, but rather industrialized extortion.

Security & Intelligence

Malicious Apprentice | How Two Hackers Went From Cisco Academy to Cisco CVEs

Dakota Cary / December 10, 2025

Read how two Cisco Network Academy Cup winners went from students to operators behind Salt Typhoon, a global cyber espionage campaign targeting telecoms.

LABScon

LABScon25 Replay | Simulation Meets Reality: How China’s Cyber Ranges Fuel Cyber Operations

LABScon / November 25, 2025

Mei Danowski & Eugenio Benincasa unpack how Chinese firms running attack-defense exercises fuel state-linked offensive cyber operations.

Building an Adversarial Consensus Engine | Multi-Agent LLMs for Automated Malware Analysis

LABScon25 Replay | Your Apps May Be Gone, But the Hackers Made $9 Billion and They’re Still Here

From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence

Silent Brothers | Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails

LABScon25 Replay | How to Bug Hotel Rooms v2.0

LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams

LABScon25 Replay | Hacktivism and War: A Clarifying Discussion

Inside the LLM | Understanding AI & the Mechanics of Modern Attacks

LLMs & Ransomware | An Operational Accelerator, Not a Revolution

Malicious Apprentice | How Two Hackers Went From Cisco Academy to Cisco CVEs

LABScon25 Replay | Simulation Meets Reality: How China’s Cyber Ranges Fuel Cyber Operations