The Two Primary Limitations to Our Creativity
Two types of creative barriers that limit our potential I think there are two primary ways we limit our own...
Read more →Category: Mix
Who’s Not Getting Laid Off?
Who’s not being laid off? That’s my question. I’m thinking about all these layoffs and trying to figure out if...
Read more →The Third Limitation to Creativity
I just wrote a new piece about the two primary limitations to creativity. You should check it out. But after...
Read more →MCPs are just other people’s prompts and other people’s APIs
I’ve been thinking about Model Context Protocols (MCPs) for months, and here’s the simplest way to explain what they actually...
Read more →MCPs are just other people’s prompts and other people’s APIs
The Simple Truth About MCPs I’ve been thinking about Model Context Protocols (MCPs) for months, and here’s the simplest way...
Read more →Exploiting API4 — 8 Real-World Unrestricted Resource Consumption Attack Scenarios (and How to Stop Them) — API Security
Unrestricted Resource Consumption (API4:2023) is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial...
Read more →![[tl;dr sec] #293 - MCP Security, AWS Enumeration, North Korean Hacker's Files Leaked](https://cybernoz.com/wp-content/uploads/2025/08/tldr-sec-293-MCP-Security-AWS-Enumeration-North-Korean-360x270.png "[tl;dr sec] #293 - MCP Security, AWS Enumeration, North Korean Hacker's Files Leaked 14")
[tl;dr sec] #293 – MCP Security, AWS Enumeration, North Korean Hacker’s Files Leaked
Rage-fueled Rewrite Monday morning I discovered that some tl;dr sec automation I’d built in Zapier randomly stopped working, despite me...
Read more →Protecting Your AI-Powered Infrastructure — API Security
With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems –...
Read more →
AI Models Are Not Safety-Tuned for Kids · Joseph Thacker
It hit me like a lightning bolt during a casual conversation about AI safety: we’re tuning these models for adults,...
Read more →
The Quest for the Shortest Domain · Joseph Thacker
In the world of bug bounty hunting, having a short domain for XSS payloads can be the difference in exploiting...
Read more →The Third Limitation to Creativity
The moment when you realize what was previously impossible is now trivial I just wrote a new piece about the...
Read more →
strategic guidance for CISOs and cybersecurity leaders
If you are a CISO or cybersecurity leader looking to scale your bug bounty program but are not sure when the right time to do...
Read more →