Quoting Sameer Al-Sakran: Welcome to the strip mining era of open source security
Open source security faces an AI-driven vulnerability gold rush.
The Monthly Dispatch - April 2026
April 2026 AI roundup: OpenAI-Microsoft restructure, AWS partnership, Claude Opus 4.7, GPT-5.5, major security breaches, and the wildest model leaks yet.
The Monthly Dispatch - March 2026
New models everywhere, agents getting hijacked in creative ways, the human cost of AI overload, and Anthropic's leaked Mythos project.
Moltbook is fascinating, and kind of terrifying
Watching AI agents interact on Moltbook is fascinating, weird, and a bit concerning.
Quoting Johann Rehberger: The Normalization of Deviance in AI
Discover how the normalization of deviance threatens AI systems (or why companies gradually accept risky shortcuts)
Quoting Bruce Schneier: We Are Still Unable to Secure LLMs
Bruce Schneier argues we still lack defenses against malicious LLM inputs and outlines why current security approaches fall short.
What is Slopsquatting?
Explaining slopsquatting—the tactic of registering fake packages that LLMs hallucinate, priming supply-chain attacks.
Curious & Confused: TIL in May - June 2025
Notes from May–June explorations: AI agents, security quirks, regulation chatter, and context engineering experiments.
Quoting Simon Willison: The lethal trifecta for AI agents
Simon Willison outlines the lethal trifecta for AI agents—private data, untrusted content, and external communication risks.
How secure is MCP, really?
Exploring the security risks of MCP and why it may not be production-ready. Key vulnerabilities include shell access and secret exposure.