Blog · Zerberos Labs

Triage
Agentjacking: the attack where nothing is unauthorized

This week, researchers at Tenet Security disclosed a new attack class they're calling agentjacking. After seeing Apple's new iOS 27 agentic password features, it's the first AI agent attack in a while that made me stop and actually think about the IR side of it, and I wanted to jot some of that down. The mechanics are wicked simple. Tenet's proof-of-concept involves Sentry Data Source Name (DSN), a project-specific address your app uses to send errors and performance events to the service, which is public and write-only by design. An attacker who finds one can write their own "error events"…

Jun 14, 2026 · 3 min read
Triage
iOS 27 gives Siri write access to your passwords - should it?

A few days ago at WWDC, Apple announced iOS 27 - with the biggest feature being a revamped Siri, called Siri AI. After looking at some of Siri AI's new features, I noticed it can now make changes inside the Passwords app. Specifically, it can now act on a weak or compromised credential by walking through a password rotation on the site for you, end to end. Agentic magic. At face value, the convenience is obvious: most people never rotate a leaked password because the flow is tedious and people can be naturally lazy. As incriminating as it is to admit, I am also one of those people (for my…

Jun 10, 2026 · 3 min read
Home Lab

Home Lab Snapshot: May 2026

May 25, 2026 · 7 min read
Tooling

Meet SousChef, an Experiment in CyberChef Recipes from a Local LLM

May 11, 2026 · 7 min read
Running Claude Code Locally with LM Studio on Apple Silicon

May 1, 2026 · 13 min read
Announcements

Introducing EIDVault: An EID Reference App Built by an Analyst, for Analysts

Apr 20, 2026 · 5 min read
Building Zerberos Labs: Astro on Cloudflare Pages

Apr 19, 2026 · 6 min read
Archive · Burnham Forensics

Imported from my previous blog →