category: The Security Side Channel

category: Auto, Security & Edge AI

Breaking The “Unhackable” Xbox One
By Jasper van Woudenberg - 04 Jun, 2026 - Comments: 0

For more than a decade, the Xbox One stood out as one of the most resilient consumer devices ever built. While other consoles from the same era were eventually jailbroken or modified, the Xbox One remained largely untouched. Its layered defenses, hardened boot process, and strong cryptographic foundations earned it a reputation as effectively “unhackable.” That assumption changed at RE//... » read more

How OCP S.O.L.I.D. Completes The Data Center Security Picture
By Jasper van Woudenberg - 07 May, 2026 - Comments: 0

In 2023, the Open Compute Project launched S.A.F.E. (Security Appraisal Framework and Enablement), a standardized process for auditing data center hardware and firmware. It delivered something the industry needed: approved third-party reviewers, continuous assessments, and public reports — not just one-time certifications. S.A.F.E. provided the audit framework; what it did not provide was gui... » read more

Agent Card Poisoning: A Metadata Injection Vulnerability In The Systems Using Google A2A Protocol
By Kumar Aditya - 02 Apr, 2026 - Comments: 0

Modern multi-agent systems built on the Google A2A protocol enable dynamic discovery and delegation between autonomous agents through structured metadata known as agent cards. These cards describe capabilities, endpoints, and operational details that the host agent uses to plan task delegation. However, when agent cards are injected directly into an LLM’s reasoning context without strict boun... » read more

Learnings From The Polish Energy Sector Attacks
By Doug Carson - 05 Mar, 2026 - Comments: 0

On 29 December 2025, coordinated cyberattacks targeted Polish energy infrastructure. The attacks coincided with severe winter weather and appear to have aimed at disrupting heat supply to end users by targeting renewable energy farms. The attackers succeeded in disabling controllers linking generation and distribution facilities but, thankfully, were unable to halt electricity production. Th... » read more

The True Cost Of CMMC Non-Compliance
By Scott Register - 05 Feb, 2026 - Comments: 0

If you’re in the Defense Industrial Base (DIB), you’ve probably felt the shift: cybersecurity has moved from a contractual footnote to a deciding factor in who gets to compete. The Cybersecurity Maturity Model Certification (CMMC) is the clearest signal yet that the Department of Defense (DoD) is moving away from “trust us” security and toward verified compliance. And in the face of ... » read more

Airbus A320 Recall: Rethinking Fault Testing In Aerospace
By Marc Witteman - 08 Jan, 2026 - Comments: 0

Fault injection is usually discussed in the context of security, where adversaries deliberately induce faults to bypass protections or extract sensitive information. In safety engineering, by contrast, faults are often treated as rare, random events driven by natural or environmental factors. The recent Airbus A320 recall is a good example of how a primarily safety incident can still benefit fr... » read more

What The EU Cyber Resilience Act Means For Digital Product Makers
By Mafalda Monteiro Oiveira Cortez - 04 Dec, 2025 - Comments: 0

The EU Cyber Resilience Act (CRA) is set to become a defining regulation for all manufacturers and developers of digital products that touch the EU market. It introduces strict requirements for cybersecurity practices, risk management, and compliance procedures, affecting a wide range of stakeholders from software developers to hardware vendors. This article unpacks what the CRA is, who it af... » read more

AIxCC 2025: What It Means For Device Security
By Jasper van Woudenberg - 06 Nov, 2025 - Comments: 0

The DARPA-sponsored Artificial Intelligence Cyber Challenge (AIxCC) culminated at DEF CON 33 this year, marking a moment where autonomous AI systems demonstrated they can both find and patch vulnerabilities at machine speed. Over two years, teams developed Cyber Reasoning Systems (CRS) designed to scan, prove, and fix bugs in open-source programs without human aid. In the final round, seven t... » read more

How The Cyber Resilience Act Shifts Open-Source Responsibility To Vendors
By Marc Witteman - 09 Oct, 2025 - Comments: 0

The EU Cyber Resilience Act (CRA), adopted last year, aims to strengthen product security in several ways. One of its most ambitious goals is the elimination of exploitable vulnerabilities from digital products. Vendors are now obligated to identify vulnerabilities, resolve them before delivery, and continue addressing them throughout the product’s lifecycle. The scale of the challenge The ... » read more

How Security Regulation Can Help Grid Stability
By Marc Witteman - 04 Sep, 2025 - Comments: 0

Grid stability is at risk. The advent of Distributed Energy Resources (DERs), such as solar, wind, and batteries, has increased the attack surface of energy generation. While cities once had few power plants, they now host thousands of smaller, intermittent sources. These DERs are often managed by entities without uptime requirements. At the same time, traditional energy sources face greater de... » read more

← Older posts

  • Sponsors

About

Navigation

Connect With Us

Copyright ©2013-2026 SMG   |  Terms of Service  |  Privacy Policy