IT meets OT¶
Posts¶
- 2026-02-15 - BrokenClaw Part 2: Escape the Sub-Agent Sandbox with Prompt Injection in OpenClaw
- 2026-02-02 - BrokenClaw Part 1: 0-Click Remote Code Execution in OpenClaw via Gmail Hook
- 2025-12-14 - Data Exfiltration via Image Rendering in RAG Chatbot Frontend
- 2025-12-14 - RCE via Indirect Prompt Injection in VSCode with Github Copilot
- 2025-11-30 - Prompt Injection 101 with n8n
- 2025-11-11 - Models, Agents and Prompt Injections - Some Experiments.
- 2025-09-12 - [UPDATE] Playing with Gemini CLI: Riddles, Magic and some security Vibes
- 2025-09-08 - The nx Supply Chain Attack - Post Mortem Analysis and Reproduction
- 2025-07-27 - Playing with Gemini CLI: Riddles, Magic and some security Vibes
- 2025-07-14 - From Prompt to Plant Shutdown: Agent Context Contamination in the Model Context Protocol (MCP) 💀
- 2024-07-27 - Analysis of the Growatt MIC600TL-X and ShineWIFI-X solar inverter system
- 2024-06-18 - Cybersecurity Analysis of the SolaX Power inverter system and cloud
- 2024-04-21 - Cybersecurity Analysis of the Sungrow inverter system
- 2024-01-31 - Balcony in the cloud: Security analysis of the Hoymiles HM microinverter system
- 2024-01-02 - NetCloud
- 2024-01-01 - Rooting the Cradlepoint IBR600C Router
- 2023-12-12 - Playing with the Siemens LOGO!8.3
- 2023-12-05 - Bosch Smart Home Cloud Admin Dashboard with weak credentials
- 2023-12-05 - Set up mitmproxy to sniff TLS traffic between Bosch Smart Home App and Cloud
- 2023-12-04 - Set up mitmproxy to sniff TLS traffic of the Bosch Smart Home Controller
- 2023-12-03 - The Universal Smart Home Ping of Death
- 2023-12-02 - Extracting the Firmware of a Smart Home Device with Electromagnetic Fault Injection (EM-FI)
- 2023-12-01 - Rooting the Bosch SmartHome Controller I
- 2022-08-31 - JTAG resurrection with Electromagnetic Fault Injection against the Texas Instrument TM4C12x microcontroller family.
Contact¶
- Mastodon: @veganmosfet@mastodon.tld
- Email: veganmosfet@mailbox.org