Tag: 2026

Agentic AI gives LLMs the power to act: query databases, call APIs or access files. But when your tools blindly trust the LLM, you've created a confused deputy. Here's a practical and comprehensive approach to understanding and identifying this critical authorization flaw.

Quarkslab performed the first public security audit of EVerest, an open-source project for EV charging stations hosted by LF Energy. The audit was mandated by the Open Source Technology Improvement Fund, Inc..

Ten years ago, we published a Clang Hardening Cheat Sheet. Since then, both the threat landscape and the Clang toolchain have evolved significantly. This blog post presents the new mitigations available in Clang to improve the security of your applications.