AI security

5 posts

Your AI security tool blocks nothing

A red team operator's breakdown of why AI cybersecurity tools are sold as controls but function as telemetry with a verdict attached.

May 25, 2026

Article

Ten thousand bugs from one vendor's machine

Anthropic states Mythos has produced over 10,000 vulnerability findings. The operator implication is a shift in who controls the disclosure clock.

May 24, 2026

Article

AI is making attackers worse, not better.

Defender telemetry through 2026 shows model-mediated attackers produce more volume, less variance, weaker adaptation. Substitution is not uplift.

May 22, 2026

Article

OpenAI's security plan protects nothing yet

M. Hale on the OpenAI cybersecurity action plan: provider-stated intent is not a control, and the consumer still owns the boundary.

May 1, 2026

Article

The Real Risk Isn't AI-It's Context Ignorance in Cybersecurity

AI-generated attacks fail in production due to unvalidated assumptions about access controls. The real risk isn't AI-it's context ignorance in cybersecurity operations.

Apr 20, 2026