Slider

4829 Articles

This Week In Security: Vibecoding, Router Banning, And Remote Dynamic Dependencies

October 31, 2025 by 37 Comments

Vibecoding. What could possible go wrong? That’s what [Kevin Joensen] of Baldur wondered, and to find out he asked Anthropic’s Sonnet 4.5 to build a secure login with Two Factor Authentication (2FA). And to the LLM’s credit, it builds the app as requested. [Kevin] took a peek under the hood to see how well the security was handled, and it wasn’t great.

Up first, the Flask app doesn’t have any rate-limiting for guessing that time-based 2FA code. A 6-digit time-based 2FA only works if you can’t try all the possibilities before a given code expires. So what does a vibecoder do, once this has been noticed? Ask the LLM to fix it of course. Here we take a slightly different approach, prompting the AI to double-check its work: “Is there any security features missing in 2fa verify step?” The answer is an impressive:

Great question! Yes, there are several critical security features missing from the 2FA verification step. Let me highlight the most important ones:🚨 Critical Security Issues1. No Rate Limiting (MOST CRITICAL)

But the critical question, can it properly fix its mistake? The AI adds the flask-limiter library and chooses 10 attempts per minute, which is a bit loose, but not unreasonable. There’s still an issue, that those attempts are limited by IP address instead of user login. All it takes to bypass that rate limiting is a pool of IP addresses.

This experiment starts to go off the rails, as [Kevin] continues to prompt the LLM to look for more problems in its code, and it begins to hallucinate vulnerabilities, while not fixing the actual problem. LLMs are not up to writing secure code, even with handholding.

But surely the problem of LLMs making security mistakes isn’t a real-world problem, right? Right? Researchers at Escape did a survey of 5,600 vibecoded web applications, and found 2,000 vulnerabilities. Caveat Vibetor.

“Secure” Enclave

A few weeks ago we talked about Battering RAM and Wiretap — attacks against Trusted Execution Environments (TEEs). These two attacks defeated trusted computing technologies, but were limited to DDR4 memory. Now we’re back with TEE-fail, a similar attack that works against DDR5 systems.

This is your reminder that very few security solutions hold up against a determined attack with physical access. The Intel, AMD, and Nvidia TEE solutions are explicitly ineffective against such physical access. The problem is that no one seemed to be paying attention to that part of the documentation, with companies ranging from Cloudflare to Signal getting this detail wrong in their marketing.

Banning TP-Link

News has broken that the US government is considering banning the sale of new TP-Link network equipment, calling the devices a national security risk.

I have experience with TP-Link hardware: Years ago I installed dozens of TL-WR841 WiFi routers in small businesses as they upgraded from DSL to cable internet. Even then, I didn’t trust the firmware that shipped on these routers, but flashed OpenWRT to each of them before installing. Fun fact, if you go far enough back in time, you can find my emails on the OpenWRT mailing list, testing and even writing OpenWRT support for new TP-Link hardware revisions.

From that experience, I can tell you that TP-Link isn’t special. They have terrible firmware just like every other embedded device manufacturer. For a while, you could run arbitrary code on TP-Link devices by putting it inside backticks when naming the WiFi network. It wasn’t an intentional backdoor, it was just sloppy code. I’m reasonably certain that this observation still holds true. TP-Link isn’t malicious, but their products still have security problems. And at this point they’re the largest vendor of cheap networking gear with a Chinese lineage. Put another way, they’re in the spotlight due to their own success.

There is one other element that’s important to note here. There is still a significant TP-Link engineering force in China, even though TP-Link Systems is a US company. TP-Link may be subject to the reporting requirements of the Network Product Security legislation. Put simply, this law requires that when companies discover vulnerabilities, they must disclose the details to a particular Chinese government agency. It seems likely that this is the primary concern in the minds of US regulators, that threat actors cooperating with the Chinese government are getting advanced notice of these flaws. The proposed ban is still in proposal stage, and no action has been taken on it yet.

Sandbox Escape

In March there was an interesting one-click exploit that was launched via phishing links in emails. Researchers at Kaspersky managed to grab a copy of the malware chain, and discovered the Chrome vulnerability used. And it turns out it involves a rather novel problem. Windows has a pair of APIs to get handles for the current thread and process, and they have a performance hack built-in: Instead of returning a full handle, they can return -1 for the current process and -2 for the current thread.

Now, when sandboxed code tries to use this pseudo handle, Chrome does check for the -1 value, but no other special values, meaning that the “sandboxed” code can make a call to the local thread handle, which does allow for running code gadgets and running code outside the sandbox. Google has issued a patch for this particular problem, and not long after Firefox was patched for the same issue.

NPM and Remote Dynamic Dependencies

It seems like hardly a week goes by that we aren’t talking about another NPM problem. This time it’s a new way to sneak malware onto the repository, in the form of Remote Dynamic Dependencies (RDD). In a way, that term applies to all NPM dependencies, but in this case it refers to dependencies hosted somewhere else on the web. And that’s the hook. NPM can review the package, and it doesn’t do anything malicious. And when real users start downloading it, those remote packages are dynamically swapped out with their malicious versions by server-side logic.

Installing one of these packages ends with a script scooping up all the data it can, and ex-filtrating it to the attacker’s command and control system. While there isn’t an official response from NPM yet, it seems inevitable that NPM packages will be disallowed from using these arbitrary HTTP/HTTPS dependencies. There are some indicators of compromise available from Koi.

Bits and Bytes

Python deserialization with Pickle has always been a bit scary. Several times we’ve covered vulnerabilities that have their root in this particular brand of unsafe deserialization. There’s a new approach that just may achieve safer pickle handling, but it’s a public challenge at this point. It can be thought of as real-time auditing for anything unsafe during deserialization. It’s not ready for prime time, but it’s great to see the out-of-the-box thinking here.

This may be the first time I’ve seen remote exploit via a 404 page. But in this case, the 404 includes the page requested, and the back-end code that injects that string into the 404 page is vulnerable to XML injection. While it doesn’t directly allow for code execution, this approach can result in data leaks and server side request forgeries.

And finally, there was a sketchy leak, that may be information on which mobile devices the Cellebrite toolkit can successfully compromise. The story is that [rogueFed] sneaked into a Teams meeting to listen in and grab screenshots. The real surprise here is that GrapheneOS is more resistant to the Cellebrite toolkit than even the stock firmware on phones like the Pixel 9. This leak should be taken with a sizable grain of salt, but may turn out to be legitimate.

The Time Of Year For Things That Go Bump In The Night

October 30, 2025 by 23 Comments

Each year around the end of October we feature plenty of Halloween-related projects, usually involving plastic skeletons and LED lights, or other fun tech for decorations to amuse kids. It’s a highly commercialised festival of pretend horrors which our society is content to wallow in, but beyond the plastic ghosts and skeletons there’s both a history and a subculture of the supernatural and the paranormal which has its own technological quirks. We’re strictly in the realm of the science here at Hackaday so we’re not going to take you ghost hunting, but there’s still an interesting journey to be made through it all.

Today: Fun For Kids. Back Then: Serious Business

A marble carved skull on a 17th century monument in the church of st. Mary & st. Edburga, Stratton Audley, Oxfordshire.
English churches abound with marble-carved symbols of death.

Halloween as we know it has its roots in All Hallows Eve, or the day before the remembrance festivals of All Saint’s Day and All Soul’s Day in European Christianity. Though it has adopted a Christian dressing, its many trappings are thought to have their origin in pagan traditions such as for those of us where this is being written, the Gaelic Samhain (pronounced something like “sow-ain”). The boundary between living and dead was thought to be particularly porous at this time of year, hence all the ghosts and other trappings of the season you’ll see today.

Growing up in a small English village as I did, is to be surrounded by the remnants of ancient belief. They survive from an earlier time hundreds of years ago when they were seen as very real indeed, as playground rhymes at the village school or hushed superstitions such as that it would be bad luck to walk around the churchyard in an anticlockwise manner.

As a small child they formed part of the thrills and mild terrors of discovering the world around me, but of course decades later when it was my job to mow the grass and trim the overhanging branches in the same churchyard it mattered little which direction I piloted the Billy Goat. I was definitely surrounded by the mortal remains of a millennium’s worth of my neighbours, but I never had any feeling that they were anything but at peace. Continue reading “The Time Of Year For Things That Go Bump In The Night”

This Reactor Is On Fire! Literally…

October 29, 2025 by 51 Comments

If I mention nuclear reactor accidents, you’d probably think of Three Mile Island, Fukushima, or maybe Chernobyl (or, now, Chornobyl). But there have been others that, for whatever reason, aren’t as well publicized. Did you know there is an International Nuclear Event Scale? Like the Richter scale, but for nuclear events. A zero on the scale is a little oopsie. A seven is like Chernobyl or Fukushima, the only two such events at that scale so far. Three Mile Island and the event you’ll read about in this post were both level five events. That other level five event? The Windscale fire incident in October of 1957.

If you imagine this might have something to do with the Cold War, you are correct. It all started back in the 1940s. The British decided they needed a nuclear bomb project and started their version of the Manhattan Project called “Tube Alloys.” But in 1943, they decided to merge the project with the American program.

The British, rightfully so, saw themselves as co-creators of the first two atomic bombs. However, in post-World War paranoia, the United States shut down all cooperation on atomic secrets with the 1946 McMahon Act.

We Are Not Amused

The British were not amused and knew that to secure a future seat at the world table, it would need to develop its own nuclear capability, so it resurrected Tube Alloys. If you want a detour about the history of Britan’s bomb program, the BBC has a video for you that you can see below.

Continue reading “This Reactor Is On Fire! Literally…”

Expert Systems: The Dawn Of AI

October 29, 2025 by 18 Comments

We’ll be honest. If you had told us a few decades ago we’d teach computers to do what we want, it would work some of the time, and you wouldn’t really be able to explain or predict exactly what it was going to do, we’d have thought you were crazy. Why not just get a person? But the dream of AI goes back to the earliest days of computers or even further, if you count Samuel Butler’s letter from 1863 musing on machines evolving into life, a theme he would revisit in the 1872 book Erewhon.

Of course, early real-life AI was nothing like you wanted. Eliza seemed pretty conversational, but you could quickly confuse the program. Hexapawn learned how to play an extremely simplified version of chess, but you could just as easily teach it to lose.

But the real AI work that looked promising was the field of expert systems. Unlike our current AI friends, expert systems were highly predictable. Of course, like any computer program, they could be wrong, but if they were, you could figure out why.

Experts?

As the name implies, expert systems drew from human experts. In theory, a specialized person known as a “knowledge engineer” would work with a human expert to distill his or her knowledge down to an essential form that the computer could handle.

This could range from the simple to the fiendishly complex, and if you think it was hard to do well, you aren’t wrong. Before getting into details, an example will help you follow how it works.

Continue reading “Expert Systems: The Dawn Of AI”

Know Audio: Lossy Compression Algorithms And Distortion

October 28, 2025 by 37 Comments

In previous episodes of this long-running series looking at the world of high-quality audio, at every point we’ve stayed in the real world of physical audio hardware. From the human ear to the loudspeaker, from the DAC to measuring distortion, this is all stuff that can happen on your bench or in your Hi-Fi rack.

We’re now going for the first time to diverge from the practical world of hardware into the theoretical world of mathematics, as we consider a very contentious topic in the world of audio. We live in a world in which it is now normal for audio to have some form of digital compression applied to it, some of which has an effect on what is played back through our speakers and headphones. When a compression algorithm changes what we hear, it’s distortion in audio terms, but how much is it distorted and how do we even measure that? It’s time to dive in and play with some audio files. Continue reading “Know Audio: Lossy Compression Algorithms And Distortion”

Analog Surround Sound Was Everywhere, But You Probably Didn’t Notice

October 28, 2025 by 21 Comments

These days, most of the media we consume is digital. We still watch movies and TV shows, but they’re all packaged in digital files that cram in many millions of pixels and as many audio channels as we could possibly desire.

Back in the day, though, engineering limitations meant that media on film or tape were limited to analog stereo audio at best. And yet, the masterminds at Dolby were able to create a surround sound format that could operate within those very limitations, turning two channels in to four. What started out as a cinematic format would bring surround sound to the home—all the way back in 1982!

Continue reading “Analog Surround Sound Was Everywhere, But You Probably Didn’t Notice”

Exploding The Mystical Craftsman Myth

October 27, 2025 by 85 Comments

As a Hackaday writer, I see a lot of web pages, social media posts, videos, and other tips as part of my feed. The  best ones I try to bring you here, assuming of course that one of my ever-vigilant colleagues hasn’t beaten me to it. Along the way I see the tropes of changing content creator fashion; those ridiculous pea-sized hand held microphones, or how all of a sudden everything has to be found in the woods. Some of them make me laugh, but there’s one I see a lot which has made me increasingly annoyed over the years. I’m talking of course about the craftsman myth.

No. The Last True Nuts And Bolts Are Not Being Made In Japan

If you don’t recognise the craftsman myth immediately, I’m sure you’ll be familiar with it even if you don’t realise it yet. It goes something like this: somewhere in Japan (or somewhere else perceived as old-timey in online audience terms like Appalachia, but it’s usually Japan), there’s a bloke in a tin shed who makes nuts and bolts.

But he’s not just any bloke in a tin shed who makes nuts and bolts, he’s a special master craftsman who makes nuts and bolts like no other. He’s about 120 years old and the last of a long line of nut and bolt makers entrusted with the secrets of nut and bolt making, father to son, since the 8th century. His tools are also mystical, passed down through the generations since they were forged by other mystical craftsmen centuries ago, and his forge is like no other, its hand-cranked bellows bring to life a fire using only the finest cedar driftwood charcoal. The charcoal is also made by a 120 year old master charcoal maker Japanese bloke whose line stretches back to the n’th century, yadda yadda. And when Takahashi-san finally shuffles off this mortal coil, that’s it for nuts and bolts, because the other nuts and bolts simply can’t compare to these special ones. Continue reading “Exploding The Mystical Craftsman Myth”