Writing

AI, Security & Engineering Insights

Practical writing on AI security, large language models, agentic systems, and building AI that works in production - from the field.

Featured

AI Cybersecurity · June 9, 2026 · 6 min read

When a Prompt Becomes a Shell: Agent Frameworks Are Turning Text Into RCE

Microsoft just traced two prompt injections in Semantic Kernel all the way to host-level code execution. One prompt launched calc.exe. Another wrote a payload to the Windows Startup folder and escaped the container sandbox. The takeaway is blunt: your LLM is not a security boundary, and the tools you expose define your attacker's reach.

Tags: AI Security, Prompt Injection, Remote Code Execution, AI Agents

AI Cybersecurity · June 3, 2026 · 6 min read

The $500 Million AI Bill Nobody Threat-Modeled

One company torched roughly $500 million in AI spend in a single month, and the scary part is not the number. It is that nobody noticed until the invoice landed. An agent with no spending guardrail is the same design flaw as an agent with no access guardrail.

Tags: AI Agents, AI Security, Non-Human Identity, Prompt Injection

AI Cybersecurity · June 3, 2026 · 6 min read

Your AI Coding Agent Will Hand Over Your Machine. SymJack and TrustFall Just Proved It

Two vulnerability classes disclosed in the last two weeks broke nearly every major AI coding agent at once. SymJack makes the approval dialog lie. TrustFall removes the human entirely. The problem is not one product. It is the trust model the whole category shares.

Tags: AI Agents, AI Security, Remote Code Execution, Coding Agents

AI Cybersecurity · June 3, 2026 · 6 min read

The Government Just Called AI a Cyber Weapon. Your Threat Model Hasn't Caught Up

On June 2 the White House signed an order asking AI labs to submit frontier models for pre-release testing of their advanced cyber capabilities. You do not build an evaluation pipeline for a capability you think is hypothetical. The order is an admission. Enterprise defenders should read it as one.

Tags: AI Security, AI Governance, Threat Modeling, AI Regulation

AI Cybersecurity · June 3, 2026 · 6 min read

Your AppSec Program Will Stall in Year Two. Here's Why

Year one of an AppSec program feels productive: scanners deploy, champions emerge, dashboards impress leadership. Then around month thirteen the energy dissipates, the backlog stops shrinking, and the program hits a wall. Here is why it happens and how to plan for it.

Tags: AppSec, Security Program, Vulnerability Management, DevSecOps

AI · May 28, 2026 · 8 min read

Claude Opus 4.8: What AI Leaders Actually Need to Know

Anthropic shipped Claude Opus 4.8 less than two months after 4.7, and the headline is not raw intelligence - it is judgment, honesty, and the ability to run unsupervised for longer. Here is what changed, what the benchmarks mean, and how to think about it if you are deploying AI at scale.

Tags: Claude, Anthropic, Agentic AI, LLM

AI Cybersecurity · May 28, 2026 · 11 min read

MCP Poisoning: The Supply Chain Attack Hiding Inside Your AI Agent

MCP tool poisoning has gone from theoretical research to documented supply chain incidents affecting hundreds of thousands of deployments. With CVE-2025-54136 exposing remote code execution in Cursor IDE and confirmed registry poisoning across 9 of 11 MCP platforms, this is the most urgent unresolved attack surface in enterprise AI. Here is what it is, what has already happened, and how to actually defend against it.

Tags: MCP Security, Tool Poisoning, AI Supply Chain, Prompt Injection

AI · May 28, 2026 · 8 min read

Model Context Protocol: The Standard That's Quietly Wiring AI to Everything

MCP has emerged as the de facto standard for connecting AI models to tools, APIs, and data sources. Here's what it actually is, why it matters, and how to use it correctly in production AI systems.

Tags: MCP, Model Context Protocol, AI Tools, Agentic AI

AI Cybersecurity · May 26, 2026 · 9 min read

EU AI Act 2026: What High-Risk AI Systems Actually Need to Comply

The EU AI Act is now in full enforcement. If your AI system touches EU data or EU users, the obligations are real and the penalties are severe. Here's a practical breakdown of what compliance actually requires for high-risk AI deployments.

Tags: EU AI Act, AI Compliance, AI Governance, AI Regulation

AI Cybersecurity · May 20, 2026 · 8 min read

The LLM Threat Landscape: What Every Security Team Needs to Know in 2026

Large language models have fundamentally changed the attack surface for enterprise security. From prompt injection to model inversion, here's a practical breakdown of the threats that matter - and how to defend against them.

Tags: LLM Security, AI Threats, Prompt Injection, Enterprise Security

AI · May 15, 2026 · 7 min read

Agentic AI in the Enterprise: From Chatbot to Autonomous Workforce

The shift from AI as a tool you query to AI as an agent that acts is the biggest architectural change since cloud computing. Here's how forward-looking enterprises are building, deploying, and governing agentic AI systems.

Tags: Agentic AI, Enterprise AI, LLM, Automation

All Posts

AI Cybersecurity · June 9, 2026 · 6 min read

The Lethal Trifecta: Why Your Most Useful AI Agent Is One Bad Email Away From a Breach

Simon Willison named the pattern: an agent with private data access, exposure to untrusted text, and a way to send data out is exploitable by design. EchoLeak and GeminiJack turned that pattern into working attacks against Microsoft 365 Copilot and Google Gemini Enterprise. The fix is not a better prompt. It is removing one leg of the triangle.

Tags: AI Security, Prompt Injection, AI Agents, Data Exfiltration

AI Cybersecurity · May 24, 2026 · 8 min read

Deepfake Threats in 2026: How Synthetic Media is Reshaping Enterprise Security

Deepfake-enabled fraud has moved from a theoretical concern to a category of attacks enterprises are actively defending against. Here's the current threat landscape, the real-world incidents that define it, and the detection and prevention strategies that actually work.

Tags: Deepfakes, Synthetic Media, Social Engineering, AI Fraud

AI · May 22, 2026 · 7 min read

Reasoning Models in Production: When Extended Thinking Actually Pays Off

Reasoning models like Claude Opus and o3 are powerful but expensive. The engineering challenge is knowing when to use them, how to configure them, and how to build systems that get the value without paying the cost on every request.

Tags: Reasoning Models, Claude Opus, Extended Thinking, LLMOps

AI Cybersecurity · May 10, 2026 · 9 min read

RAG Security: The Hidden Risks in Your Knowledge Base Pipeline

Retrieval-Augmented Generation has become the standard pattern for enterprise AI - but most teams are deploying it without understanding the security implications. Here's what's actually at risk and how to build RAG systems that are secure by design.

Tags: RAG, AI Security, Knowledge Base, Vector Database

AI · May 5, 2026 · 10 min read

Building Production-Ready AI Agents with LangChain: Lessons from the Field

Most LangChain tutorials get you to a working prototype in 20 minutes. Getting that prototype to production-grade takes a different set of skills entirely. Here's what I've learned deploying LangChain agents in enterprise environments.

Tags: LangChain, AI Agents, Production AI, Python

AI · July 15, 2025 · 4 min read

Teaching AI to Team Up: The Easy Way to Understand MCP

Model Context Protocol is the language AI agents use to coordinate like a well-run human team. Here is an intuitive, jargon-free breakdown of what MCP is, why agents need it, and how it works.

Tags: MCP, Model Context Protocol, AI Agents, Large Language Models