Cloud & AI Security Research

Hands-on exploit research at the intersection of cloud infrastructure & AI systems

$ cat mission.txt

Hands-on exploit research in controlled lab environments. Focused on LLM security, AI service misconfigurations, cloud infrastructure attack surfaces, and AI supply chain threats. All findings published with reproducible evidence.

$ ls focus/

llm-security/prompt-injection/ai-supply-chain/sagemaker/bedrock/aws/azure-openai/rag-poisoning/cloud-misconfig/ai-red-team/

$_▊

# latest_research

view all →

2026-03-08

Why AWS MSK Costs $1,500+/Month (And How to Do It for $80)

A deep-dive into the real cost of running AWS MSK in production — including the hidden fees across broker instances, cross-AZ replication, MSK Connect, tiered storage, and CloudWatch — and a complete self-hosted Redpanda alternative that cuts your streaming bill by 95%.

awsmskkafkacost-optimizationredpandaopen-sourceevent-drivenstreamingcloud-infrastructure

2026-03-08

Why AWS Step Functions Costs $2,500+/Month (And How to Do It for $50)

A deep-dive into the real cost of running AWS Step Functions at scale — including the hidden fees from retries, polling loops, and multi-environment multiplication — and a complete alternative architecture using self-hosted Temporal that cuts your bill by 98%.

awsstep-functionscost-optimizationtemporalworkflow-orchestrationopen-sourcecloud-costfinops

2026-03-08

CVE Hunter Q1 2026: The OSS Projects You Trust Are Still Bleeding — A $7.1M Audit Update

Q1 2026 audit of the most critical CVEs hitting top open-source and enterprise-adjacent projects — Next.js middleware bypass, n8n Ni8mare RCE, Chrome zero-days, Cisco SD-WAN, and Ivanti EPMM — with updated breach-cost data, a self-hosted scanning stack you can deploy for $48/month, and complete Terraform to stand it up today.

cveopen-sourcevulnerability-managementnext-jsn8nchromeciscoivantilangflowsupply-chaincost-optimizationai-security