Claude Mythos Just Changed Cybersecurity
Anthropic just did something nobody expected. They built a model so good at finding security vulnerabilities that they're scared to release it publicly.
Read article →
Read article →

Two days ago we put a paste box on the open internet. Type a shell command, hit Evaluate, get a verdict — , , or . Same on a second tab for MCP tool calls: tool name, JSON-style args, evaluate, verdict.

Read article →

A real bypass, a new analyzer layer, and the design pattern behind it.

Read article →

When the agent knows it's being watched — detecting eval-aware code patterns before they ship.

Read article →

Last week I sat down to write a single rule — block an AI agent from reading , the 1Password CLI v2 session cache. A junior security person would look at the ticket and think: "one file, one regex, an afternoon."

Read article →

AI coding agents are rewriting software faster than any human team could. Cursor, Windsurf, Claude Code, Gemini CLI — they ship features in minutes. But they also run shell commands, call MCP tools, and modify files with the same speed…

Read article →

I've been building software for over 20 years. And I'll be honest — when the term "AI agent" started flooding my LinkedIn feed in 2023, I rolled my eyes. It felt like a rebranding of chatbots with better PR. Little could I have predicted…

Read article →

I run an AI security company. I'm supposed to tell you AI risk is manageable — that with the right governance framework and a good dashboard, you'll sleep fine.

Read article →

The fastest way to wipe your laptop in 2026 is to ask an AI to refactor your repo. Not because the model is malicious, but because a single prompt injection, a poisoned MCP server, or a hallucinated shell command is all it takes to put one…

Read article →

This post is about the files on your Mac that MCP servers can access — the ones most developers don't know are exposed — and what you can do about it.

Read article →

Vibe coding is real now. Developers are shipping entire services by describing what they want to Claude Code or Cursor. I've done it. You've probably done it. The output is surprisingly good.

Read article →

AI agents aren't experimental anymore. They write code, run shell commands, call external APIs, and orchestrate complex workflows — usually with the same OS privileges as the developer who launched them. That convenience is real. So is…

Read article →