""In our lab testing, we achieved a sustained rate of hundreds of password guesses per second from browser JavaScript alone," explains Oasis.

"At that speed, a list of common passwords is exhausted in under a second, and a large dictionary would take only minutes. A human-chosen password doesn't stand a chance."

With an authenticated session and admin permissions, the attacker can now interact directly with the AI platform, dumping credentials, listing connected nodes, stealing credentials, and reading application logs."

tech

""In our lab testing, we achieved a sustained rate of hundreds of password guesses per second from browser JavaScript alone," explains Oasis.

"At that speed, a list of common passwords is exhausted in under a second, and a large dictionary would take only minutes. A human-chosen password doesn't stand a chance."

With an authenticated session and admin permissions, the attacker can now interact directly with the AI platform, dumping credentials, listing connected nodes, stealing credentials, and reading application logs."