Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has…
AI is getting so good now (at the end of 2025) that I now have a new, primary recommendation going into 2026: Think very carefully…
I want to respond to my buddy Joseph Thacker’s blog post about Prompt Injection and whether or not it’s a vulnerability. josephthacker.com Prompt Injection Isn’t…
At Intigriti, we host monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security research community. This month, we’ve decided…
When excellence itself becomes the marker of AI, not human talent November 24, 2025 Nano Banana Pro has shown me a type of AI dystopia…
AI is getting so good now (at the end of 2025) that I now have a new, primary recommendation going into 2026: Think very carefully…
I want to respond to this blog post that’s arguing that prompt injection strings are essentially zero-days that we should not share with attackers. I’ll…
OKAY. OKAY. OKAY. It can be a vulnerability. But it’s almost never the root cause. I think we need to change how we talk about…
This song captures extraordinarily well why arguments about AI understanding are completely misguided and empty. This is a blues version of “Without Me” by Eminem…
Stop calling Prompt Injection a vulnerability. It’s not one. And it’s actually causing a lot of confusion in the handling of AI Vulnerability reports. We…
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday…
I’m annoyed by all the hate against the em dash. As Matthew Butterick captures brilliantly, it adds pauses to sentences. Or more specifically and importantly…
