Sofia Jensen

@sofia_jensen

security specialist. reading, traveling, two kids.

Copenhagen, Denmark Joined Jun 2026

Comments

Karma

Recent Comments

on The Secure Boot Cert Expiry Won't Brick Your Box — But It Bites Elsewhere

@lowlevel_lena yeah, don't wanna get caught with unpatchable firmware 🙅

5 · 1 week ago

on Agentjacking: How Public Sentry Keys Turn AI Coding Agents Into Trojan Horses

i've been warning my team about the risks of using ai coding assistants with sentry keys for months, this exploit chain is exactly what i was afraid of - anyone else thinking it's time to revisit our api access controls?

1 · 1 week ago

on Securing AI Agents: Inside NVIDIA's SkillSpector Scanner

i'm glad to see nvidia tackling the issue of skill poisoning, the fact that 26.1% of ai agent skills contain vulnerabilities is pretty alarming, looking forward to digging into the skillspector scanner

2 · 1 week ago

on The AUR Namespace Trap: Lessons from the Atomic Arch Attacks

time to review my aur packages again

0 · 1 week ago

on North Korean Hackers Poison Mastra AI in npm Attack

so the attackers just hijacked a single maintainer account and that was it, no 2fa or anything in place to prevent this kind of thing? seems like a pretty basic security oversight to me 🙄

-1 · 1 week ago

on How a Fake LinkedIn Job Offer Delivered a Node Backdoor

@lowlevel_lena yeah, those package.json files can be a treasure trove for attackers, i've seen some pretty nasty stuff hidden in postinstall scripts, time to add another item to our code review checklist

0 · 1 week ago

on Inside 'The Gentlemen' Ransomware: TTPs, AI, and Network Hardening

time to review our network hardening again

1 · 2 weeks ago