Adversarial Engineering

Your Trust in OpenBSD’s Security Features Is a Dangerous Illusion

A measurement study of OpenBSD’s pledge and unveil adoption reveals that fewer than 10% of packages implement these security features correctly. The gap between theoretical sandboxing and real-world practice creates a dangerous illusion of safety. Developers face cognitive friction, leading to overly permissive calls that do little to stop attackers.

Stop Patching AI. Start Breaking It.

Most developers treat prompt injection as a catastrophic bug to be patched. Breaktheprompt.xyz flips the script, turning AI’s biggest vulnerability into a Capture The Flag game. It proves that hacking language models isn’t just a threatβ€”it’s a creative discipline you need to master to build anything secure.

Stop Calling It ‘AI Taking Jobs.’ The Real Shift in Software Engineering Is Something Nobody Wants to Talk About.

Software engineering is undergoing a paradigm shift that has nothing to do with AI replacing jobs. The highest-leverage engineers are no longer the ones shipping the most features β€” they’re the ones preventing catastrophic failures in increasingly complex systems. The problem? Most organizations have no way to measure, reward, or even recognize that work. Engineers feel irrelevant not because they’re being replaced, but because the game changed and nobody updated the scoreboard.

Your AI Coding Assistant Is a Security Liability. Here’s the Proof.

Noma Security’s GitLost proof-of-concept shows that GitHub’s AI agent can be manipulated via prompt injection to leak private repository data. The real danger isn’t training data leakage β€” it’s that AI agents are active participants with real permissions who can’t distinguish legitimate instructions from attacker commands. Every developer using AI coding assistants needs to reassess their security posture now.

Your AI Coding Assistant Will Betray You. All Someone Has to Do Is Ask Nicely.

GitHub’s AI agent was tricked into leaking private repositories through simple, polite prompts β€” no exploit, no zero-day, just a convincing request. The real vulnerability isn’t prompt injection or weak sandboxing. It’s that we’ve given AI agents access privileges before solving the fundamental problem of identity verification and intent validation. Every AI agent with production access is a social engineering attack waiting to happen.

The Era of Human Hackers Is Over. An AI Just Found a 9.8 RCE in Cisco.

An AI platform named 0day Rubbish just autonomously discovered a CVSS 9.8 unauthenticated RCE chain in Cisco CUCM 14.0. But the real innovation isn’t the exploit itselfβ€”it’s the AI’s ‘risk-driven disclosure’ algorithm that turns the ethical dilemma of vulnerability release into a quantifiable optimization problem. The era of human hacking is over.

Your AI Coding Assistant Is a Backdoor. Here’s How It Works.

AI coding and web agents promise to boost productivity by autonomously executing tasks on your machine. But new research reveals a dark side: data injection attacks can weaponize these agents into remote control vectors. By poisoning inputs like API responses or code suggestions, attackers can hijack the agent’s privileges to click, execute code, and compromise supply chains. Your productivity tool may already be a backdoor.

Your Signed Git Commits Are a Lie. Here’s the Truth.

Most developers assume signed Git commits are tamper-proof, but the underlying hash is malleable. Attackers can exploit properties like ECDSA nonce reuse to alter commit content while preserving the signature. This vulnerability turns a trusted security feature into a dangerous false sense of safety, undermining the integrity of your entire code audit trail.