CCyberFreak999incyberfreak.hashnode.dev·Apr 20 · 6 min readAPI Authentication Explained(Part 3): API Gateway Architecture & Trust BoundariesA system can use OAuth. It can issue signed tokens. It can even validate them correctly. And still get breached. Why? Because security doesn’t fail at authentication — it fails at trust boundaries. Mo00
CCyberFreak999incyberfreak.hashnode.dev·Apr 9 · 5 min readAI Threat Modelling: Data Poisoning & Training Attacks in AI SystemsAn AI model is deployed to classify financial transactions as legitimate or fraudulent. It performs well—accurate, reliable, trusted. Months later, certain fraudulent transactions start slipping throu00
CCyberFreak999incyberfreak.hashnode.dev·Mar 28 · 4 min readAI Threat Modelling: Understanding Attack Surfaces in Modern AI SystemsA company deploys an AI-powered chatbot to assist customers. It works perfectly—until one day, it starts leaking internal email addresses and generating unexpected responses from external content. No 01M
CCyberFreak999incyberfreak.hashnode.dev·Mar 20 · 3 min readAPI Authentication Explained (Part 2): API Gateways, Token Validation and AuthorisationWhile Part 1 covered authentication fundamentals and OAuth flows, this section focuses on how APIs validate tokens and enforce authorisation in real-world architectures. Why API Gateways Are Important00
CCyberFreak999incyberfreak.hashnode.dev·Mar 11 · 6 min readAPI Authentication Explained(Part 1): OAuth, JWT & Token BasicsModern applications rely heavily on APIs to exchange data between services, mobile apps, and third-party integrations. Because APIs often expose sensitive data and business logic, authentication becom00
