Keep the Robots Out of the Gym
AI is getting so good now (at the end of 2025) that I now have a new, primary recommendation going into 2026: Think very carefully…
Category: Mix
Thoughts on Prompt Injection OPSEC
I want to respond to this blog post that’s arguing that prompt injection strings are essentially zero-days that we should not share with attackers. I’ll…
Prompt Injection Isn’t a Vulnerability · Joseph Thacker
OKAY. OKAY. OKAY. It can be a vulnerability. But it’s almost never the root cause. I think we need to change how we talk about…
Judge AI by Outputs, not Mechanism
This song captures extraordinarily well why arguments about AI understanding are completely misguided and empty. This is a blues version of “Without Me” by Eminem…
Prompt Injection Isn’t a Vulnerability · Joseph Thacker
Stop calling Prompt Injection a vulnerability. It’s not one. And it’s actually causing a lot of confusion in the handling of AI Vulnerability reports. We…
How to Secure Them This Black Friday — API Security
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday…
Leave the em dash Alone
I’m annoyed by all the hate against the em dash. As Matthew Butterick captures brilliantly, it adds pauses to sentences. Or more specifically and importantly…
![[tl;dr sec] #306 - Claude Code's Hacking Campaign, Rust in Android, Secrets Scanners Miss](https://image.cybernoz.com/wp-content/uploads/2025/11/tldr-sec-306-Claude-Codes-Hacking-Campaign-Rust-in.png){kind=small}
[tl;dr sec] #306 – Claude Code’s Hacking Campaign, Rust in Android, Secrets Scanners Miss
I hope you’ve been doing well! I’m stoked to announce I’ll be doing a webinar with my friend Daniel Miessler on his epic AI setup.…
Product comparison: Detectify vs. Holm Security
Holm Security Pros Covers the entire IT estate, including internal network, cloud, web, and human risk, simplifying vendor consolidation. It leverages a unified risk score…
Improve your program scope visibility
We’re excited to introduce Asset Groups, our latest feature designed to help structure mismanaged and broad program scopes for improved visibility. A more organized program…
Black Friday and Cyber Monday price distortion identification
The evolution of the internet and, with it, international levels of e-commerce, meant that Black Friday soon became the unofficial start of winter purchases ahead of holiday festivities across the globe. In the early 2000s, Cyber Monday, held on…
Intigriti wins ‘Security Innovation of the Year’ at the 2025 UK IT Industry Awards
We are thrilled to announce that Intigriti has won Security Innovation of the Year at the UK IT Industry Awards 2025. The UK IT Industry…