Trident Blog

Insights on cloud security, AI agent security, threat research, and the future of infrastructure protection.

2026

WebDialer to RootAn SSRF that ends as a root webshell.cisco / unified cm

A phone system, one request, and root

Trident Research · June 29, 2026 · 8 min read

An unauthenticated SSRF in Cisco Unified CM’s WebDialer chains to a JSP webshell and root-level compromise of enterprise voice infrastructure. Cisco patched it on June 3; within weeks attackers were dropping webshells over Tor, and CISA gave federal agencies until June 28 to fix it.

The Confused DeputyA command sink, and an auth check someone else was supposed to do.mcp / agent rce

Two AI bugs, one confused deputy

Trident Research · June 29, 2026 · 9 min read

Microsoft’s AutoJack and the actively exploited LiteLLM “BadHost” chain are two different bugs from June 2026 that share one shape: a command sink guarding nothing, sitting behind an auth check that someone else was supposed to handle.

Meta AI Account TakeoverAccount recovery, talked open.meta / instagram

Meta's AI got tricked into resetting account passwords

Trident Research · June 1, 2026 · 3 min read

Attackers simply asked Instagram's AI support assistant to send password-reset codes to an email they controlled, and it complied.