Cloud & AI Security Research

Hands-on exploit research at the intersection of cloud infrastructure & AI systems

$ cat mission.txt

Hands-on exploit research in controlled lab environments. Focused on LLM security, AI service misconfigurations, cloud infrastructure attack surfaces, and AI supply chain threats. All findings published with reproducible evidence.

$ ls focus/

llm-security/prompt-injection/ai-supply-chain/sagemaker/bedrock/aws/azure-openai/rag-poisoning/cloud-misconfig/ai-red-team/

$_▊

# latest_research

view all →

2026-02-28

Why AWS CloudWatch Costs $1,800+/Month (And How to Do It for $40)

A deep-dive into the real cost of running AWS CloudWatch at scale — including the hidden fees across 15 billing dimensions — and a complete PLG (Prometheus, Loki, Grafana) alternative that cuts your observability bill by 97%.

awscloudwatchcost-optimizationprometheusgrafanalokiobservabilityopen-source

2026-02-28

GitHub Actions Supply Chain Attacks Cost $4.4M Per Incident (Scan for $40/Month)

A deep audit of GitHub Actions supply chain attacks — from the tj-actions/changed-files compromise that hit 23,000+ repos to the hidden cost of unsecured CI/CD pipelines — with a complete self-hosted scanning stack that replaces $25,000/month enterprise tools for $40.

github-actionssupply-chainci-cd-securityopen-sourcezero-daycvestepsecuritygitleakssemgrep

2026-02-27

CVE Hunter: AI/ML Framework Security Audit — The $4.88M Problem You're Ignoring

A comprehensive audit of CVE vulnerabilities across AI/ML frameworks — including PyTorch, TensorFlow, LangFlow, SGLang, and Ollama — with real cost analysis, automated scanning infrastructure via Terraform, and a complete detection lab you can deploy today.

ai-securityml-securitycvevulnerability-managementtensorflowpytorchsagemakerowaspnistlab