ThinkstScapes
Episodes
ThinkstScapes Research Roundup - Q4 - 2025
12 Feb 2026
Contributed by Lukas
Networking beyond plug-and-playGET /large file HTTP/1.1: Connection-Based TCP Amplification AttacksYepeng Pan, Lars Richter, and Christian Rossow[Pape...
ThinkstScapes Research Roundup - Q3 - 2025
11 Nov 2025
Contributed by Lukas
Q3’25 ThinkstScapesMicrosoft-induced security woesOne Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokensDirk-...
ThinkstScapes Research Roundup - Q2 - 2025
04 Aug 2025
Contributed by Lukas
ThinkstScapes Q2’25Networking is always trickyBeyond the Horizon: Uncovering Hosts and Services Behind Misconfigured FirewallsQing Deng, Juefei Pu, ...
ThinkstScapes Research Roundup - Q1 - 2025
30 Apr 2025
Contributed by Lukas
ThinkstScapes Q1’25Putting it into practiceHomomorphic Encryption across Apple featuresRehan Rishi, Haris Mughees, Fabian Boemer, Karl Tarbe, Nichol...
ThinkstScapes Research Roundup - Q4 - 2024
20 Feb 2025
Contributed by Lukas
ThinkstScapes Q4’24Wins and losses in the Microsoft ecosystemPointer Problems - Why We’re Refactoring the Windows KernelJoe Bialek[Video]Defending...
ThinkstScapes Research Roundup - Q3 - 2024
11 Nov 2024
Contributed by Lukas
Themes covered in this episodeEdge cases at scale still matterWorks from this theme exploit rarely-occurring issues, but with an internet-wide apertur...
ThinkstScapes Research Roundup - Q2 - 2024
29 Jul 2024
Contributed by Lukas
AI/ML in securityInjecting into LLM-adjacent componentsJohann Rehberger[Blog 1] [Blog 2]Teams of LLM Agents can Exploit Zero-Day VulnerabilitiesRichar...
ThinkstScapes Research Roundup - Q1 - 2024
14 Jun 2024
Contributed by Lukas
Revealing more than anticipated, and preventing prying eyesPrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Fr...
ThinkstScapes Research Roundup - Q4 - 2023
28 Feb 2024
Contributed by Lukas
LLMs ain't making life any easierAbusing Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMsTsung-Yin Hsieh, Ben Nassi, Vitaly Sh...
ThinkstScapes Research Roundup - Q3 - 2023
14 Nov 2023
Contributed by Lukas
Cryptography still isn’t easycertmitm: automatic exploitation of TLS certificate validation vulnerabilitiesAapo Oksman[Slides] [Code] [Video]Escapin...
ThinkstScapes Research Roundup - Q2 - 2023
05 Aug 2023
Contributed by Lukas
Privacy in the modern eraIPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level GeolocationErik Rye and Robert Beverly[Slides] [Paper] [Cod...
ThinkstScapes Research Roundup - Q1 - 2023
26 May 2023
Contributed by Lukas
Smashing Web3 transaction simulations for fun and profitTal Be'ery and Roi Vazan[Blog] [Video]Not what you've signed up for: Compromising Real-World L...
ThinkstScapes Research Roundup - Q4 - 2022
17 Feb 2023
Contributed by Lukas
Hacking the Cloud with SAMLFelix Wilhelm[Slides] [Video]Announcing GUAC, a great pairing with SLSA (and SBOM)!Brandon Lum, Mihai Maruseac, Isaac Hepwo...
ThinkstScapes Research Roundup - Q3 - 2022
04 Nov 2022
Contributed by Lukas
Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things DevicesDilawer Ahmed, Anupam Das, and Fareed Zaffar[Code] [Paper]W...
ThinkstScapes Research Roundup - Q2 - 2022
29 Jul 2022
Contributed by Lukas
I am become loadbalancer, owner of your networkNate Warfield[Slides]Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhonesJiska C...
ThinkstScapes Research Roundup - Q1 - 2022
25 Apr 2022
Contributed by Lukas
Hyntrospect: a fuzzer for Hyper-V devicesDiane Dubois[Slides] [Paper] [Code] [Video]Put an io_uring on it: Exploiting the Linux KernelValentina Palmio...
ThinkstScapes Research Roundup - Q4 - 2021
16 Dec 2021
Contributed by Lukas
Sponge Examples: Energy-Latency Attacks on Neural NetworksIlia Shumailov, Yiren Zhao, Daniel Bates, Nicolas Papernot, Robert Mullins, and Ross Anderso...
ThinkstScapes Research Roundup - Q3 - 2021
30 Aug 2021
Contributed by Lukas
IntroductionEpisode 1 - 2021/Q3Thinkst Trends and Takeaways is a show released in conjunction with ThinkstScapes, a written quarterly review of inform...