GitGuardian Senior Cybersecurity Researcher Gaetan Ferry’s latest research shows that AI-generated passwords are leaving fingerprints in the wild. In this interview, he explains how he used Markov chains, a century-old statistical model, to detect patterns in passwords generated by modern LLMs, attribute them to model families, and identify 28,000 likely LLM-generated passwords across public GitHub. The findings are a warning for teams adopting AI coding agents.
This episode looks at what happens when AI starts finding vulnerabilities at scale, restricted access creates market imbalance, and security teams struggle to keep pace. It covers fragile infrastructure, bug brokers, overloaded analysts, CISO fear, and the growing sense that cyber defence is entering a faster and harsher era.
I’m an old engineer at heart. Many of my ideals were formed by Joel’s Things You Should Never Do, Fred’s No Silver Bullet, and Brian’s Big Ball of Mud. One of my favorites was Greenspun’s Tenth Rule: The joke isn’t really about programming languages. It’s about a pattern: certain problems have a shape, and no matter how you approach them, you end up building the same solution, in the same order, until you arrive at the same messy place.
On April 25th, a Cursor AI coding agent running Anthropic's Claude Opus 4.6, one of the most capable models in the industry, deleted the production database for PocketOS, a software platform used by car rental businesses across the country to manage their entire operations. The deletion took 9 seconds.
Engineering teams today face a dual mandate: ship high-quality features faster while keeping the underlying infrastructure secure. As development velocity increases, so does the complexity of the tools, libraries, and third-party components that make up your applications. The challenge? Your application’s security is now tied to a vast supply chain of code you didn’t write.
The fear is not only what advanced AI can do; it is what it can do to brittle systems already running on neglect and compromise. When critical infrastructure is patched together with ageing controls and restricted tools land in a few powerful hands, the imbalance gets worse fast.
This year marks a pivotal shift in global cybersecurity regulation. Mandatory cyber incident reporting is no longer a recommendation—it is a legal obligation. Across major jurisdictions, regulations such as the EU’s Cyber Resilience Act (CRA), the NIS2 Directive, and the U.S. Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) are introducing strict reporting timelines, expanded scope, and significant penalties for non-compliance.
Detection engineering is fundamentally a translation problem: rules need to be converted between formats, IOCs need to be converted into detection logic, and noisy alerts need to be converted into precise suppressions. That translation work is what consumes analyst time, and it's what Claude Code handles well.