<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Ledger Donjon Blog</title><description>Security research from the Donjon team at Ledger.</description><link>https://donjon.ledger.com/</link><item><title>A Second-Order Side-Channel Attack on Masked Kyber768</title><link>https://donjon.ledger.com/blog/second-order-side-channel-attack-masked-kyber768/</link><guid isPermaLink="true">https://donjon.ledger.com/blog/second-order-side-channel-attack-masked-kyber768/</guid><description>Part 3 of our series on side-channel attacks against post-quantum cryptography: masking defeats the first-order attack, but &lt;mark&gt;masked Kyber768&lt;/mark&gt; still falls to a second-order CPA.</description><pubDate>Fri, 26 Jun 2026 00:00:00 GMT</pubDate></item><item><title>No Fight, No Chance: Security Teams Must Become Hybrid AI Teams</title><link>https://donjon.ledger.com/blog/ai-security-harness-cerberus/</link><guid isPermaLink="true">https://donjon.ledger.com/blog/ai-security-harness-cerberus/</guid><description>The Ledger Donjon&apos;s journey from AI-assisted development to an AI security harness, and why &lt;mark&gt;offense is no longer only the best defense, but a required security capability.&lt;/mark&gt;</description><pubDate>Wed, 17 Jun 2026 00:00:00 GMT</pubDate></item><item><title>Non-Profiled Deep Learning Side-Channel Attacks on ML-KEM</title><link>https://donjon.ledger.com/blog/non-profiled-deep-learning-sca-ml-kem/</link><guid isPermaLink="true">https://donjon.ledger.com/blog/non-profiled-deep-learning-sca-ml-kem/</guid><description>Part 2 of our series on side-channel attacks against post-quantum cryptography: we break the &lt;mark&gt;CRYSTALS ML-KEM reference implementation&lt;/mark&gt; with a non-profiled deep learning attack — no clone device, no leakage model.</description><pubDate>Thu, 11 Jun 2026 00:00:00 GMT</pubDate></item><item><title>Laser Fault Injection on the TROPIC01 Open-Source Secure Element</title><link>https://donjon.ledger.com/blog/tropic01-laser-fault-injection/</link><guid isPermaLink="true">https://donjon.ledger.com/blog/tropic01-laser-fault-injection/</guid><description>We used laser fault injection to bypass Ed25519 signature verification on the &lt;mark&gt;TROPIC01 open-source secure element&lt;/mark&gt;, achieving arbitrary firmware execution.</description><pubDate>Wed, 03 Jun 2026 00:00:00 GMT</pubDate></item></channel></rss>