https://pfisterer.xyz/en/tags/it-security/Recent content in IT Security on Pfisterer ConsultingHugoenFri, 15 May 2026 07:00:00 +0200https://pfisterer.xyz/en/news/nginx-rift-18-jahre-ki-audit-mittelstand/Fri, 15 May 2026 07:00:00 +0200https://pfisterer.xyz/en/news/nginx-rift-18-jahre-ki-audit-mittelstand/<p>On May 13, 2026, F5 and security researcher depthfirst publish a disclosure with weight behind it. CVE-2026-42945, codenamed <strong>NGINX Rift</strong>, CVSS 9.2. Unauthenticated remote code execution in the <code>ngx_http_rewrite_module</code> of NGINX. Affected: all open-source versions from 0.6.27 through 1.30.0 and NGINX Plus R32 through R36. The bug has been in the code since 2008. Eighteen years.</p> <p>The actual punchline sits in the disclosure footnote. The bug was not found by a human researcher. It was found by an autonomous AI analysis system. Six hours of runtime against one of the most thoroughly reviewed open-source codebases on the planet. This is the direct confirmation of the thesis I sketched on May 13 in the article on the <a href="https://pfisterer.xyz/en/news/claude-mythos-firefox-glasswing-mittelstand/">Mythos Glasswing asymmetry</a> as something coming. It arrived a week later.</p>https://pfisterer.xyz/en/news/claude-mythos-firefox-glasswing-mittelstand/Wed, 13 May 2026 07:00:00 +0200https://pfisterer.xyz/en/news/claude-mythos-firefox-glasswing-mittelstand/<p>On May 5, 2026, Mozilla publishes an unusually candid blogpost: An early version of Anthropic&rsquo;s newest model, Claude Mythos Preview, has found 271 security vulnerabilities in Firefox over the past weeks. 180 high-severity, 80 moderate, 11 low. Some of the bugs sat undiscovered in the code for 15 years, meaning since 2011. Patches went out in Firefox 149.0.2, 150, 150.0.1, and 150.0.2.</p> <p>That alone would be a substantial story. What makes it matter for the German Mittelstand is the footnote: Mythos is not publicly available. Anthropic currently hands the model only to eleven organizations under a program called Project Glasswing. The list contains U.S. hyperscalers, U.S. banks, U.S. security vendors, and the Linux Foundation. No German company. No European company outside Linux.</p>https://pfisterer.xyz/en/news/ki-agenten-hacken-ki-systeme-sicherheit-pruefung/Wed, 11 Mar 2026 08:00:00 +0100https://pfisterer.xyz/en/news/ki-agenten-hacken-ki-systeme-sicherheit-pruefung/<p>An autonomous AI agent chains four individually harmless vulnerabilities into a complete platform takeover — severity rating CVSS 9.8 out of 10. Then it gives itself a voice and calls the target system&rsquo;s AI. No human hacker. No sophisticated exploit kit. One AI hacking another AI.</p> <p>This isn&rsquo;t science fiction. This happened in March 2026 — to a $20 million-funded AI recruiting startup whose clients included Anthropic, Stripe, and Monzo. AI security is a central aspect of my <a href="https://pfisterer.xyz/en/leistungen/pflicht-themen/">consulting on compliance and regulatory requirements</a>.</p>https://pfisterer.xyz/en/news/openclaw-wsl2-production-stabilitaet/Thu, 05 Mar 2026 09:00:00 +0100https://pfisterer.xyz/en/news/openclaw-wsl2-production-stabilitaet/<p>Your inference server runs fine on Friday afternoon. You set the <a href="https://pfisterer.xyz/en/news/openclaw-vllm-mistral-flags/">right vLLM flags</a>, tool calling works, the agent responds correctly. Monday morning, the server is dead. No crash log. No error message. WSL2 simply stopped running.</p> <p>This is the gap between &ldquo;works on my machine&rdquo; and &ldquo;runs in production.&rdquo; And it has nothing to do with code. Production stability of AI systems is an aspect of my <a href="https://pfisterer.xyz/en/leistungen/ki-automatisierung/">AI and automation consulting</a>.</p>https://pfisterer.xyz/en/news/openclaw-lokales-llm-ki-agent-ohne-cloud/Tue, 24 Feb 2026 16:00:00 +0100https://pfisterer.xyz/en/news/openclaw-lokales-llm-ki-agent-ohne-cloud/<p>Most AI agents depend on cloud APIs — and every request costs money. With agent workloads, those costs add up fast: a single complex task can consume 50,000 to 100,000 tokens. Run that a few dozen times a day, and you&rsquo;re looking at a serious monthly bill.</p> <p>We took a different approach with <a href="https://github.com/Kendo1988/openclaw">OpenClaw</a>. Our AI agent runs entirely on local hardware — one GPU, no cloud dependency, no recurring API fees. Local AI solutions are a focus of my <a href="https://pfisterer.xyz/en/leistungen/ki-automatisierung/">AI and automation consulting</a>.</p>https://pfisterer.xyz/en/news/shadow-ai-wenn-mitarbeiter-eigene-ki-agenten-bauen/Mon, 23 Feb 2026 10:00:00 +0100https://pfisterer.xyz/en/news/shadow-ai-wenn-mitarbeiter-eigene-ki-agenten-bauen/<h2 id="the-new-shadow-it-has-a-brain">The New Shadow IT Has a Brain</h2> <p>Shadow IT has been a headache for years — unauthorized tools, private cloud accounts, rogue SaaS subscriptions. But Shadow AI takes it to a different level entirely. This topic is part of my <a href="https://pfisterer.xyz/en/leistungen/ki-automatisierung/">AI and automation consulting</a> for SMEs. Because this time, employees aren&rsquo;t just using unapproved software. They&rsquo;re building intelligent workflows that actively process, analyze, and redistribute company data.</p> <p>And they&rsquo;re doing it with the best of intentions.</p>