Came to work dressed as a Kpop demon hunter.

We found a sus pentesting LLM/MCP infrastructure in the wild:

na2.hubs.ly/H013vv80

Zero-Click Agentic AI Exfiltration.

I’m glad I can finally share some of the work our team has done.

www.straiker.ai/blog/the-sil...

🎙 Vinay Pidathala of Straiker presents at Black Hat USA 2025:

Preventing Autonomous Chaos in AI Agents via Systematic Evaluation
🗓 Wed, Aug 6, 2025 · 5:00 PM
📍 Startup City Theater, Business Hall D

#BlackHatUSA #AISecurity #AIredteam #StraikerAI #AgenticAI

I’m sorry the VMs are not on virus total, only the malware samples. You can set up a VM with github.com/mandiant/fla...

I can’t host it on google drive (was previously hosted there) but you can download the samples from virustotal

I’m sorry, it’s down until I can find a free hosting solution.

I am just elated that midjourney can animate one of my own drawings. It’s so freaking cute!

After moving over to ai security research…

AI agents are really the wild west for security right now.

I’ve officially pivoted to AI security research at @straikerai.bsky.social

a little girl wearing a pink jacket is sitting at a table ALT: a little girl wearing a pink jacket is sitting at a table

Why though? I use to work there

Is it me or is the pollen a bit ridiculous this summer?

Introducing Claude 4 Discover Claude 4's breakthrough AI capabilities. Experience more reliable, interpretable assistance for complex tasks across work and learning.

Claude 4 Opus 4 and Sonnet 4

www.anthropic.com/news/claude-4

Vibe coding: I find its quick to make code but I end up spending more time debugging the damn thing from its poor logic choices. It’s creating new jobs for code quality analysis ;)

They opened a Nintendo store in San Francisco but make you buy tickets for being able to go inside the store opening weekend. 🥲

Amen

Yep, unfortunately I have to shut it down this month, try again in June. Hosting isn’t free 🤷‍♀️

Before considering using Llamasharp, know that it pulls in a unmanaged NativeAPI DLL underneath. Make sure you’re doing your library load integrity checking.

My little klee kai, Pixel, grew up too quickly

Weee playing with rust hypervisor bootloaders

Everything Old Is New Again: Hardening the Trust Boundary of VBS Enclaves | Microsoft Community Hub Virtualization-Based Security (VBS) enclaves use the hypervisor’s virtual trust levels (VTLs) to isolate regions of memory and code execution within a...

I wrote a blog post on hardening Virtualization-Based Security enclaves. Check it out!

The links are not dead but only served to the US region.

What an interesting instagram account takeover spam link. First they suspend your account then send you these fake recovery links. Seems like they target folks with ads accounts specifically.

Part 2 of our administrator protection blog is up techcommunity.microsoft.com/blog/microso...

Seeing a jump of new users on #pixelfed (supposedly the instagram-killer).

Roses are red.
His eyes are blue.
Here he comes…
to steal your girl from you.

Evolving the Windows User Model – A Look to the Past | Microsoft Community Hub  

Part 1 of how administrator protection came to be: Evolving the windows user model. Happy to see this finally published.
techcommunity.microsoft.com/blog/microso...

Seems like security teams are not safe from this round of layoffs.

Alaskan Klee kai (mini husky)