Skip to content
Hermes Codex

Hermes Codex

Advanced Cyber Intelligence & AI Security Research.
AI Security Research Latest Vulnerabilities Forensic Lab

๐Ÿค– AI Security & Adversarial Research Cutting-edge

Section titled โ€œ๐Ÿค– AI Security & Adversarial Research โ€
Tool Injection: The RCE of AI Architectural analysis of kinetic exploitation in Agentic AI.
Training Data Poisoning The ultimate supply chain attack against Artificial Intelligence.
Indirect Prompt Injection Analysis How attackers hijack LLM sessions via poisoned web content.
RAG Poisoning RAG Poisoning and Knowledge Base Manipulation.

๐Ÿ”ด Critical Intelligence Pulse (CVE)

Section titled โ€œ๐Ÿ”ด Critical Intelligence Pulse (CVE)โ€
CVE-2026-8719: Privilege Escalation in AI Engine Analysis of a high-severity privilege escalation vulnerability in the AI Engine plugin for WordPress, allowing authenticated users to escalate to Administrator through improper MCP authorization.
CVE-2026-42208: LiteLLM Proxy API Key SQL Injection Analysis of a critical SQL injection vulnerability in LiteLLM (versions 1.81.16 to 1.83.6). An unauthenticated attacker can execute arbitrary SQL queries by sending malicious Authorization headers, potentially leading to unauthorized access to the proxy database and credential extraction.
CVE-2026-30623: LiteLLM Authenticated MCP RCE LiteLLM contains an authenticated remote command execution vulnerability in its MCP server creation functionality, where improper validation of JSON configurations allows attackers to execute arbitrary system commands.
CVE-2026-30615: Windsurf MCP Prompt Injection RCE A prompt injection vulnerability in Windsurf 1.9544.26 allows unauthorized modification of the local MCP configuration and automatic registration of malicious MCP STDIO servers, leading to arbitrary command execution.

๐Ÿ” Forensic Deep Dives (Latest Labs)

Section titled โ€œ๐Ÿ” Forensic Deep Dives (Latest Labs)โ€
Shellbags Forensic Analysis Reconstruct user navigation history and folder access patterns.
Prefetch (.pf) Files Forensic Analysis Proving binary execution and building forensic timelines.
Amcache & RecentFileCache Forensic Analysis Extracting SHA1 hashes and identifying malicious binaries.
Shimcache (AppCompatCache) Forensic Analysis Comprehensive guide to Shimcache (AppCompatCache) in Windows forensics.

๐Ÿ› ๏ธ Operational Resources

Section titled โ€œ๐Ÿ› ๏ธ Operational Resourcesโ€
Incident Response Playbooks Access our step-by-step guides for ransomware and data breach response.
Threat Intel Matrix Deep dive into APT TTPs and attribution mapping.