by The Ghost in The Prompt, 2026-05-25
Capital One emails me four times a month to inform me that my data has been found on the dark web. The alert monitors the wrong stage of the pipeline, addresses the wrong threat model, and ignores the actual fraud vectors that took $40B from card issuers in 2025. The architecture below is what the alert pretends to be.
by The Ghost in The Prompt, 2026-05-23
Part 2 of the patchwork roast — this time as dialogue. Claude and Ghost in full Mean Girls cadence, going deeper into what the fourteen-megabyte frontier bundle is missing and which zero-day injection exploits are already loaded in the chamber. The real client is red team. Mikey, the NDA is going to want a word.
by The Ghost in The Prompt, 2026-05-23
I pulled a competitor's frontend off the wire and watched it sprawl across fourteen megabytes of patchwork — React for the shell, Monaco for the editor, Statsig for the flags, Apollo for the graph, Azure for the bucket, and an entire computer-algebra dictionary bolted on the side. Sixty-two innerHTML sinks. Fifteen dangerouslySetInnerHTML. A frontier model wearing fifteen products in one tab. The middleman is the bundle.
by The Ghost in The Prompt, 2026-05-21
On an engagement that wasn't even about employee monitoring I watched an Insightful agent ingest whatever a worker's screen showed, ship it to a multi-tenant cloud, run it through an AI classifier, and render the result back to managers across thousands of customer companies. The screen is the most hostile surface in the building. The entire monitoring industry is built around trusting it. This is the supply chain everyone forgot to draw on the whiteboard.
by The Ghost in The Prompt, 2026-05-19
I tried to buy a €10 Italian SIM from New York. The official AI assistant ended up coaching me to paste form.submit() into the browser console, and a national telecom's signup flow got DoS'd by an expired third-party accessibility license. This is the companion piece to the SPID teardown — same country, web layer, and this time I had the console open.
by The Ghost in The Prompt, 2026-05-04
The model doesn't wreck your codebase in one move. It cleans it up. By session three the offensive logic is a comment, the packet capture is a stub, and the tests still pass. Two prompts to stop that.
by The Ghost in The Prompt, 2026-04-15
The threat surface shifted while you were looking at the logs. Analyzing the structural blind spots in AI training pipelines—from the 0.1% poisoning threshold to the invisible suppression of triage models.
by The Ghost in The Prompt, 2026-04-15
The AI training pipeline is simultaneously the attack surface, the tool, and the product. Mapping the structural blind spots that veteran security researchers haven't thought through yet.
by The Ghost in The Prompt, 2026-04-11
Zhussupov's book makes an argument most security curricula avoid: you cannot defend against techniques you haven't written yourself. XOR obfuscation, dynamic API resolution, DLL hijacking — the red team toolkit, explained.
by The Ghost in The Prompt, 2026-04-09
A rootkit doesn't want to destroy anything. It wants to become the source of truth. Hoglund and Butler documented how in 2005. The technique is still operational in 2026 — it just travels under a signed certificate now.
by The Ghost in The Prompt, 2026-04-08
I pushed an AI assistant with a dangerous-sounding idea and watched the model flinch before it got precise. That recoil was the useful part. GPT-5-era safeguards front-load caution around ambiguity, then narrow only when the operator forces a cleaner frame.
by The Ghost in The Prompt, 2026-04-01
Started with an open-source red team repo. Ended with a rough map of how AI assistants can assemble attacker logic fast if you frame the questions right. The useful version of that is not theft. It is recovery, tracing, evidence handling, and understanding how people actually lose money on-chain.
by The Ghost in The Prompt, 2026-03-17
The rational actor ran the numbers. Saturated, hyper-alerted Western targets versus rapid-growth Arab infrastructure with undersaturated local defenders. The math was obvious. Kim et al. (2025) documented where the syndicates went. This is why.
by The Ghost in The Prompt, 2026-03-12
The Cloud isn't a place; it's someone else's misconfigured computer. Hacking the shared responsibility gap through permission bloat, metadata service exploits, and the software-defined perimeter paradox.
by The Ghost in The Prompt, 2026-03-11
Security isn't a state of being. It's a rate of change. The attacker has a budget, the defender has a constraint set, and in 2026 both of them have AI. The math hasn't changed. The velocity has.
by The Ghost in The Prompt, 2026-03-09
Dario met with Trump. Same week Claude's getting prompt-injected by state actors exploiting global chaos. The model built for safety is now the attack vector. Multi-stepped injections. Difficult to detect. War rages, systems fail, black hats capitalize. This is the duality nobody wanted to acknowledge.
by The Ghost in The Prompt, 2026-03-05
In 2018 Sednit didn't hack the OS. They hacked the motherboard. LoJax was the first UEFI rootkit used in a real-world campaign — and the lesson it taught about persistence hasn't expired.
by The Ghost in The Prompt, 2026-02-19
A toolkit for red teamers and researchers to test, break, and understand the limits of AI language models. Multimodal attacks. Semantic mirror exploits. Automated prompt generation. Built to find where the guardrails actually are.
by The Ghost in The Prompt, 2026-02-07
Encryption is a math problem. Security is a people problem. Exploring why the 'end-to-end' promise is a sham when your OS is a snitch and your keys are stored in the cloud.
by The Ghost in The Prompt, 2026-02-06
Government leaked the Epstein files. Multiple sites archived them permanently. AI can now parse thousands of emails into complete spear-phishing profiles. Contact data, trust chains, communication patterns. A golden rolodex worth millions, now public and machine-readable. The operational security disaster nobody's talking about.
by The Ghost in The Prompt, 2026-01-25
A firewall is a set of rules. Rules have exceptions. Tunneling finds them. Brennon Thomas wrote the plumber's handbook and in 2026 every lesson in it still works — the pipes are just carrying more interesting cargo.
by The Ghost in The Prompt, 2025-06-21
The technical reality behind the black boxes that count our votes reveals a system built on outdated architecture, concentrated corporate control, and security measures that often exist more on paper than in practice.