Original post on infosec.exchange
I recently published a blog post with a controversial take!
This may be the end of malware analysis and reverse engineering as we know it.
I think AI will change the craft in ways most people are still underestimating.
I explain everything in this post […]
13.03.2026 06:28
Next month at @BlackHatEvents Asia, I will be teaching my training "Practical AI for Threat Intel: Real-World Agentic Workflows for Cyber Threat Intelligence."
It is packed with my latest research and labs.
You will learn how to:
- Build agentic […]
13.03.2026 00:04
You've been reading about it, now you can listen to it!
I recently joined Confidence Staveley on the AI Cyber Magazine podcast to talk about my latest work around AI threat intelligence, IoPC, MoltThreats, agent monitoring, and Nova!
Check this out to learn about the AI security trenches! […]
10.03.2026 01:49
In a recent report from Socket, a compromised release of the Aqua Trivy VS Code extension on OpenVSX (v1.8.12 and v1.8.13) contained unauthorized code that injected prompts targeting local AI coding agents such as Copilot, Claude, and Codex.
The prompts […]
06.03.2026 10:09
New blog post on the Nova ecosystem for prompt hunting!
@pedrinazzim just released the Nova Rules Validation and Testing Pipeline, it is designed to automatically validate, test, and evaluate Nova rules!
As the rules repo grows, this will help us keep the repository reliable and avoid […]
04.03.2026 06:50
I was one of the technical reviewers for the latest @veritasium video on the XZ backdoor.
It brought me back to the four days without sleep I spent analyzing this case!
They did a great job making the story accessible and keeping the technical accuracy
https://www.youtube.com/watch?v=aoag03mSuXQ
04.03.2026 03:49
Most AI CTI agents are useless. They generate noise instead of intelligence!
We don't need more summaries. We need better ways to interact with information.
So I experimented with Generative UI (not Generative AI) and I built a playground called IntelWall, like an investigation board […]
22.02.2026 05:46
Next week I am honored to deliver the keynote at the Malware and Reverse Engineering Conference in Melbourne!
I will talk about the state of malware analysis in the AI era. Come say hi if you are around to discuss binaries!
https://asterion.federation.edu.au/mre-2026-conference-portal#/
20.02.2026 05:15
Happy to see that my DEFCON talk on crypto money laundering and tracking techniques was featured in the DEFCON 33 Almanac!
Read it here: https://harris.uchicago.edu/sites/default/files/the_def_con_33_hackers_almanack.pdf
16.02.2026 01:12
What I Am Building in 2026
My latest newsletter is out!
I share what I have been building lately around AI security, agents, MoltThreats, SHIELD.md, and upcoming trainings!
If you want to see where this is going, have a look
https://newsletter.securitybreak.io/archive/copy-of-a-quick-end-of-year-note-8665
14.02.2026 23:25
MoltThreats, the threat intelligence feed I created for OpenClaw and AI agents, was featured in the latest video from John Hammond!
Check it out to see how it works and to learn more about the security around OpenClaw
https://youtu.be/BzUBdvCdlSU?si=FiPqffdx5Nrcqijh&t=452
14.02.2026 08:13
Xavier Marrugat recently shipped two tools that extend the Nova ecosystem with integration of PromptIntel and MoltThreats!
1️⃣ Carapace: A prompt injection detection plugin for OpenClaw.
It integrates Nova + PromptIntel to detect adversarial prompts […]
12.02.2026 05:31
NOVA just plugged into the CTI ecosystem!
Dogesec published a blog showing how PromptIntel and NOVA rules can be embedded inside STIX 2.1 as real Indicators.
This is Adversarial Prompt Intelligence plugged into security workflows!
Read the blog to learn […]
10.02.2026 00:06
At BlackHat Asia in Singapore, I am running two advanced AI trainings with my friend Maxime Cousseau that go beyond slides and hype. You will build and break real AI systems!
Practical GenAI for CTI - 2 Days
Stop watching demos. Build real agentic […]
09.02.2026 20:39
Let me introduce you to MoltThreats: The first AI Threat Intel Feed for AI Agents!
In one week, OpenClaw became a widely used general AI agent. People started to run their own agents all over the world and connect them directly to the internet.
But this […]
01.02.2026 20:21
Agent skills are more and more used by AI agents. This is a powerful capability boost but it also increases the risk of compromise.
I have updated my tool Nova Proximity (previously Proximity) to let you scan a skill before you use it. I also updated the MCP support so you can scan the latest […]
31.01.2026 10:54
Happy to announce that I will present the Nova ecosystem at BlackHat Asia.
Nova is an open source suite focused on AI security, agentic workflow monitoring, and AI threat hunting for adversarial prompts.
This talk will introduce a major update of the […]
29.01.2026 03:44
I believe the future of the Internet will be an Internet of AI agents. I wrote an essay on this topic. Have a look
https://x.com/fr0gger_/status/2015288641854279904?s=20
26.01.2026 06:40
I recently wrote a blog about a tool I built to monitor and audit coding agent sessions. If you are curious about what the report looks like, check out this short video.
It gives you full traceability and a clear overview of what Claude Code did
blog […]
21.01.2026 05:08
Two Adversarial Prompts recently added into PromptIntel by @MiggoSecurity and @trailofbits
Check this out
https://promptintel.novahunting.ai/feed
20.01.2026 01:17
This year I will teach two trainings at @blackhatevents Asia in April!
Practical GenAI for Threat Intel: Real World Agentic Workflows for Cyber Threat Intelligence (2 days)
Latest version of the course, with a strong focus on agent architectures […]
09.01.2026 05:36
Are you using Claude Code?
If yes, do you actually know what it did during your last 60-minute session?
Which files it touched, which tools it called, which websites it fetched?
If you cannot answer those questions, you should read my latest blog.
I break down AI coding agent visibility and […]
19.01.2026 05:38
Reprompt attack exploits the q parameter in your AI system!
The q parameter is used on AI platforms to transmit a user prompt via the URL. You can embed a question or instruction in this parameter and the input field is auto populated on page load and the […]
16.01.2026 05:17
In the AI world "Hi" is not a greeting. It is a probe!
A recent campaign shows attackers actively targeting LLM deployments. They send harmless prompts to fingerprint exposed models following the same prompt sequence.
Full report […]
13.01.2026 06:36
Happy New Year everyone
I just came back from the break and was very happy to receive my @SANSInstitute Institute Difference Maker Award. A huge honor to have it here with me!
...Now back to work after the holidays to secure and break all things AI
08.01.2026 05:08
The AI x Sec Advent is finished! Thanks a lot for following it!
If you want to revisit it, I created a dynamic calendar where you can click on each day and reread the posts!
Have a look and let me know if you can find the Easter egg
Merry Christmas […]
25.12.2025 07:40
GenAI x Sec Advent 24 - Final day
Last year, I created DocYara, an AI agent designed to help you learn and build better YARA rules.
Today I am happy to announce the next version of DocYara. The platform now lets you upload a sample, and DocYara […]
24.12.2025 16:15
GenAI x Sec Advent 23 - From GenAI to GenUI
Humans are visual. We understand and assimilate information better through graphics and design.
Yet most AI systems (for CTI at least) generate more noise than real value!
Last month MCP integrated MCP UI into […]
23.12.2025 03:22
GenAI x Sec Advent 22 - Canary Tokens for prompt and context leakage
For many AI systems, the system prompt is proprietary data that defines how the model or the system behaves. This is critical as it often contains sensitive information, security […]
22.12.2025 05:39