https://www.mbgsec.com/archive/2021-11-18-addressing-the-low-code-security-elephant-in-the-room/ 2021-11-18T00:00:00+00:00 https://www.mbgsec.com/archive/2022-04-18-why-so-many-security-experts-are-concerned-about-low-code-no-code-apps/ 2022-04-18T00:00:00+00:00 https://www.mbgsec.com/archive/2022-05-16-you-can-t-opt-out-of-citizen-development/ 2022-05-16T00:00:00+00:00 https://www.mbgsec.com/archive/2022-06-20-credential-sharing-as-a-service-the-hidden-risk-of-low-code-no-code/ 2022-06-20T00:00:00+00:00 https://www.mbgsec.com/archive/2022-07-22-watch-out-for-user-impersonation-in-low-code-no-code-apps/ 2022-07-22T00:00:00+00:00 https://www.mbgsec.com/archive/2022-08-29-3-ways-no-code-developers-can-shoot-themselves-in-the-foot/ 2022-08-29T00:00:00+00:00 https://www.mbgsec.com/archive/2022-09-02-a-windows-11-automation-tool-can-easily-be-hijacked-wired/ 2022-09-02T00:00:00+00:00 https://www.mbgsec.com/archive/2022-09-26-we-re-thinking-about-saas-the-wrong-way/ 2022-09-26T00:00:00+00:00 https://www.mbgsec.com/archive/2022-10-24-embracing-the-next-generation-of-business-developers/ 2022-10-24T00:00:00+00:00 https://www.mbgsec.com/archive/2022-11-21-major-security-breach-from-business-users-low-code-apps-could-come-in-2023-analysts-warn/ 2022-11-21T00:00:00+00:00 https://www.mbgsec.com/archive/2022-12-20-are-100-security-guarantees-possible/ 2022-12-20T00:00:00+00:00 https://www.mbgsec.com/archive/2023-01-23-no-one-wants-to-be-governed-everyone-wants-to-be-helped/ 2023-01-23T00:00:00+00:00 https://www.mbgsec.com/archive/2023-02-20-despite-breach-lastpass-demonstrates-the-power-of-password-management/ 2023-02-20T00:00:00+00:00 https://www.mbgsec.com/archive/2023-03-20-ai-has-your-business-data/ 2023-03-20T00:00:00+00:00 https://www.mbgsec.com/archive/2023-04-18-where-there-s-no-code-there-s-no-sdlc/ 2023-04-18T00:00:00+00:00 https://www.mbgsec.com/archive/2023-05-15-generative-ai-empowers-users-but-challenges-security/ 2023-05-15T00:00:00+00:00 https://www.mbgsec.com/archive/2023-06-26-remediation-ballet-is-a-pas-de-deux-of-patch-and-performance/ 2023-06-26T00:00:00+00:00 https://www.mbgsec.com/archive/2023-07-14-rogue-azure-ad-guests-can-steal-data-via-power-apps/ 2023-07-14T00:00:00+00:00 https://www.mbgsec.com/archive/2023-08-10-microsoft-365-guests-power-apps-security-nightmare-the-register/ 2023-08-10T00:00:00+00:00 https://www.mbgsec.com/archive/2023-09-18-security-conferences-keep-us-honest/ 2023-09-18T00:00:00+00:00 https://www.mbgsec.com/archive/2023-10-17-security-must-empower-ai-developers-now/ 2023-10-17T00:00:00+00:00 https://www.mbgsec.com/archive/2023-11-20-enterprise-generative-ai-enters-its-citizen-development-era/ 2023-11-20T00:00:00+00:00 https://www.mbgsec.com/archive/2024-01-23-move-fast-and-break-the-enterprise-with-ai/ 2024-01-23T00:00:00+00:00 https://www.mbgsec.com/archive/2024-03-05-the-challenges-of-ai-security-begin-with-defining-it/ 2024-03-05T00:00:00+00:00 https://www.mbgsec.com/archive/2024-05-23-seizing-control-of-the-cloud-security-cockpit/ 2024-05-23T00:00:00+00:00 https://www.mbgsec.com/archive/2024-06-24-what-application-security-within-shadow-it-looks-like/ 2024-06-24T00:00:00+00:00 https://www.mbgsec.com/archive/2024-08-19-assume-breach-when-building-ai-apps/ 2024-08-19T00:00:00+00:00 https://www.mbgsec.com/archive/2024-11-18-to-map-shadow-it-follow-citizen-developers/ 2024-11-18T00:00:00+00:00 https://www.mbgsec.com/archive/2024-12-16-citizen-development-moves-too-fast-for-its-own-good/ 2024-12-16T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-ai-agents-are-here-so-are-the-threats/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-doomarena-security-evaluation-framework-for-ai-agents/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-dspy/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-foundation-sec-cisco-foundation-ai-s-open-source-model/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-hello-0-days-my-old-friend-a-2024-zero-day-exploitation-analysis-google-cloud-blog/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-mcp-untrusted-servers-and-confused-clients-plus-a-sneaky-exploit-embrace-the-red/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-new-whitepaper-outlines-the-taxonomy-of-failure-modes-in-ai-agents-microsoft-security-blog/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-researchers-secretly-ran-a-massive-unauthorized-ai-persuasion-experiment-on-reddit-users/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-security-on-the-path-to-agi-openai/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-sycophancy-in-gpt-4o-what-happened-and-what-were-doing-about-it-openai/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-03-understanding-tokens-in-microsoft-entra-id-microsoft-entra-id-microsoft-learn/ 2025-05-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-ai-red-teaming-roadmap-roadmap-sh/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-building-a-secure-agentic-ai-application-leveraging-googles-a2a-protocol/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-expanding-on-what-we-missed-with-sycophancy-openai/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-openai-security-research-conference/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-page-not-found-github-github/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-project-zero-from-naptime-to-big-sleep-using-large-language-models-to-catch-vulnerabilities-in-real/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-securing-genai-multi-agent-systems-against-tool-squatting-a-zero-trust-registry-based-approach/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-04-sharing-new-open-source-protection-tools-and-advancements-in-ai-privacy-and-security/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-2024-malicious-infrastructure-insights-key-trends-and-threats/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-deepseek-the-quiet-giant-leading-chinas-ai-race/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-dspy/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-enterprise-grade-security-for-the-model-context-protocol-mcp-frameworks-and-mitigation-strategies/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-executive-summary-chapter-1-of-superintelligence-strategy/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-fermi-redux-where-is-all-the-ai-enabled-cybercrime-3-quarks-daily/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-how-chatgpt-remembers-you-a-deep-dive-into-its-memory-and-chat-history-features-embrace-the-red/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-monitoring-reasoning-models-for-misbehavior-and-the-risks-of-promoting-obfuscation/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-05-securing-ai-llms-in-2025-a-practical-guide-to-securing-deploying-ai/ 2025-05-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-07-microsoft-bookings-facilitating-impersonation-cyberis-limited/ 2025-05-07T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-08-ai-agents-fail-in-novel-ways-put-businesses-at-risk/ 2025-05-08T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-08-mcp-may-cause-pwnage-backdoors-in-disguise/ 2025-05-08T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-08-software-security-code-of-practice-gov-uk/ 2025-05-08T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-08-software-security-code-of-practice-implementation-guidance-ncsc-gov-uk/ 2025-05-08T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-09-a-sober-look-at-progress-in-language-model-reasoning-pitfalls-and-paths-to-reproducibility/ 2025-05-09T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-09-agent-red-teaming-details-gray-swan-arena-gray-swan-ai/ 2025-05-09T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-09-cai-an-open-bug-bounty-ready-cybersecurity-ai/ 2025-05-09T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-09-detecting-misbehavior-in-frontier-reasoning-models-openai/ 2025-05-09T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-09-github-vgel-logitloom-explore-token-trajectory-trees-on-instruct-and-base-models/ 2025-05-09T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-09-openai-explainability-and-reasoning-should-inform-future-ai-models-venturebeat/ 2025-05-09T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-10-build-a-knowledge-graph-with-mcp-memory-and-amazon-neptune-by-david-bechberger-apr-2025-medium/ 2025-05-10T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-10-endless-jailbreaks-with-bijection-learning/ 2025-05-10T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-10-github-haizelabs-get-haized-a-subset-of-jailbreaks-automatically-discovered-by-the-haize-labs-haizin/ 2025-05-10T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-10-haize-labs-rigorous-ai-testing-for-reliable-llms-agents/ 2025-05-10T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-10-introducing-openai-for-countries-openai/ 2025-05-10T00:00:00+00:00 https://www.mbgsec.com/archive/2025-05-10-surviving-on-a-diet-of-poisoned-fruit-reducing-the-national-security-risks-of-americas-cyber-depende/ 2025-05-10T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-3rd-party-authorizations-oauth-nhi-agents/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-51-elliot-parable-of-the-banana-leaf/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-a-systematization-of-security-vulnerabilities-in-computer-use-agents/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-activating-ai-safety-level-3-protections-anthropic/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-add-xor-rol-a-non-anthropomorphized-view-of-llms/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ai-and-secure-code-generation-lawfare/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ai-in-software-engineering-at-facebook-ieee-journals-magazine-ieee-xplore/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ai-lab-watch/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ai-security-notes-5-14-2025-joshua-saxe/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ai-security-notes-6-27-joshua-saxe/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ai-security-requires-enterprise-grade-ai-discovery-with-complete-coverage-and-deep-context-noma-secu/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-airtbench-measuring-autonomous-ai-red-teaming-capabilities-in-language-models/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-alphaevolve-a-gemini-powered-coding-agent-for-designing-advanced-algorithms-google-deepmind/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-asynchrony-is-not-concurrency-loris-cro-s-blog/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-awesome-reviewers/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-badsuccessor-abusing-dmsa-to-escalate-privileges-in-active-directory/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-bloomberg-are-you-a-robot/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-bruteforcing-the-phone-number-of-any-google-user/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-building-launching-and-scaling-chatgpt-images/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-cert-ua-discovers-lamehug-malware-linked-to-apt28-using-llm-for-phishing-campaign/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-cloud-ciso-perspectives-how-google-secures-ai-agents-google-cloud-blog/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-context-engineering-for-ai-agents-lessons-from-building-manus/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-cyber-hard-problems-focused-steps-toward-a-resilient-digital-future-the-national-academies-press/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-disrupting-malicious-uses-of-ai-june-2025-openai/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-do-llm-agents-have-ai-red-team-capabilities-we-built-a-benchmark-to-find-out/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-enhancing-security-in-ai-agents-with-fides-a-formal-model-leveraging-information-flow-control/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-from-luddites-to-ai-the-overton-window-of-disruption/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-google-online-security-blog-mitigating-prompt-injection-attacks-with-a-layered-defense-strategy/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-hacking-ai-applications-in-the-trenches-with-dspy-bugcrowd/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-how-chinas-patriotic-honkers-became-the-nations-elite-cyberspies-wired/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-impleme/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-how-to-perform-clipboard-forensics-activitiescache-db-memory-forensics-and-clipboard-history/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-how-to-scale-rl-to-10-26-flops-by-jack-morris/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-invited-talk-overlooked-foundations-exploits-as-experiments-and-constructive-proofs-in-the-science-o/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-life-prediction-ai-prompt-by-mattshumer-shumerprompt-ai-prompt-marketplace/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-lloyds-of-london-versicherung-soll-schaden-durch-ki-halluzinationen-abdecken-heise-online/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-measuring-the-impact-of-early-2025-ai-on-experienced-open-source-developer-productivity-metr/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-medium-com/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-neurips-poster-puregen-universal-data-purification-for-train-time-poison-defense-via-generative-mode/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-new-threat-vector-prompt-injection-at-the-raw-signal-level/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-novel-ssrf-technique-involving-http-redirect-loops-searchlight-cyber/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-ok-signing-off-replit-for-the-day-by-jasonlk-jason-saastr-ai-lemkin-twitter-thread-reader/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-open-problems-in-mechanistic-interpretability/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-project-zero-project-naptime-evaluating-offensive-security-capabilities-of-large-language-models/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-reflections-on-openai/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-revolutionizing-red-teaming-the-single-turn-crescendo-attack-stca-on-large-language-models/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-scaling-security-with-responsible-disclosure-openai/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-securing-the-model-context-protocol-building-a-safer-agentic-future-on-windows-windows-experience-bl/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-security-for-high-velocity-engineering/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-security-steerability-is-all-you-need/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-security-to-model-securing-artificial-intelligence-to-strengthen-cybersecurity-committee-on-homeland/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-shade-arena-evaluating-sabotage-and-monitoring-in-llm-agents-anthropic/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-source-code-analysis-of-amazon-kiro/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-spikee-simple-prompt-injection-kit-for-evaluation-and-exploitation/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-steam-networks-works-in-progress-magazine/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-temporal-context-awareness-a-defense-framework-against-multi-turn-manipulation-attacks-on-large-lang/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-the-ups-and-downs-of-0-days/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-this-is-how-you-build-an-ai-ransomware-worm-truffle-security-co/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-tokenization-confusion-specterops/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-trustedsec-hunting-deserialization-vulnerabilities-with-claude/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-understanding-mcp-toolchain-risks-a-security-insight/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-understanding-shadow-agents-in-multi-agent-llm-systems/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-whats-your-model-hiding-preview-the-snyk-genai-model-risk-registry-snyk-labs/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-why-robots-won-t-cause-mass-unemployment-mises-institute/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-20-wsj-com/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-21-end-of-train-and-head-of-train-remote-linking-protocol-cisa/ 2025-07-21T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-21-vulnerability-that-stops-a-running-train-cervello/ 2025-07-21T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-24-the-utter-flimsiness-of-xais-processes-by-thorne/ 2025-07-24T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-26-amazon-ai-coding-agent-hacked-to-inject-data-wiping-commands/ 2025-07-26T00:00:00+00:00 https://www.mbgsec.com/archive/2025-07-26-how-we-rooted-copilot-eye-research/ 2025-07-26T00:00:00+00:00 https://www.mbgsec.com/archive/2025-08-13-at-black-hat-and-def-con-ai-was-hacker-bodyguard-and-target-all-at-once-fortune/ 2025-08-13T00:00:00+00:00 https://www.mbgsec.com/archive/2025-08-13-sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say-sc-media/ 2025-08-13T00:00:00+00:00 https://www.mbgsec.com/archive/2025-08-16-security-engineer-agent-security-openai/ 2025-08-16T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-01-introducing-docent-transluce-ai/ 2025-09-01T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-03-the-experience-of-the-analyst-in-an-ai-powered-present-quelques-digressions-sous-gpl/ 2025-09-03T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-05-we-built-the-security-layer-mcp-always-needed-the-trail-of-bits-blog/ 2025-09-05T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-06-the-real-dilemmas-of-cybersecurity-startup-ideation-discovery-and-validation/ 2025-09-06T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-07-ai-powered-promptlocker-ransomware-is-just-an-nyu-research-project-the-code-worked-as-a-typical-rans/ 2025-09-07T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-11-defeating-nondeterminism-in-llm-inference-thinking-machines-lab/ 2025-09-11T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-12-an-attackers-blunder-gave-us-a-look-into-their-operations-huntress/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-12-internet-detectives-are-misusing-ai-to-find-charlie-kirks-alleged-shooter-the-verge/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-12-jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them-the-trail-of-bits-blog/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-12-microsoft-under-fire-senator-demands-ftc-investigation-into-arsonist-selling-firefighting-services-c/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-14-vaultgemma-the-world-s-most-capable-differentially-private-llm/ 2025-09-14T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-17-one-token-to-rule-them-all-obtaining-global-admin-in-every-entra-id-tenant-via-actor-tokens-dirkjanm/ 2025-09-17T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-19-shadowleak-a-zero-click-service-side-attack-exfiltrating-sensitive-data-using-chatgpts-agent/ 2025-09-19T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-20-libraries-io-releases-data-on-over-25m-open-source-software-repositories-by-benjamin-nickolls-librar/ 2025-09-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-20-our-latest-libraries-data-release-has-arrived/ 2025-09-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-20-our-second-libraries-io-open-data-release-has-arrived/ 2025-09-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-20-our-third-libraries-io-open-data-release-has-arrived/ 2025-09-20T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-23-trusted-publishing-for-npm-packages-npm-docs/ 2025-09-23T00:00:00+00:00 https://www.mbgsec.com/archive/2025-09-24-you-can-have-two-big-things-but-not-three/ 2025-09-24T00:00:00+00:00 https://www.mbgsec.com/archive/2025-10-22-updates-mitre-atlastm/ 2025-10-22T00:00:00+00:00 https://www.mbgsec.com/archive/2025-10-23-dane-stuckey-openai-ciso-on-prompt-injection-risks-for-chatgpt-atlas/ 2025-10-23T00:00:00+00:00 https://www.mbgsec.com/archive/2025-10-30-claude-pirate-abusing-anthropic-s-file-api-for-data-exfiltration-embrace-the-red/ 2025-10-30T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-01-agents-rule-of-two-a-practical-approach-to-ai-agent-security/ 2025-11-01T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-07-what-greynoise-learned-from-deploying-mcp-honeypots/ 2025-11-07T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-07-you-should-write-an-agent-the-fly-blog/ 2025-11-07T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-08-code-execution-with-mcp-building-more-efficient-ai-agents-anthropic/ 2025-11-08T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-16-full-report-disrupting-the-first-reported-ai-orchestrated-cyber-espionage-campaign/ 2025-11-16T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-24-tokenization-confusion-xpn-infosec-blog/ 2025-11-24T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-25-emergent-misalignment-from-reward-hacking-in-reinforcement-learning-systems/ 2025-11-25T00:00:00+00:00 https://www.mbgsec.com/archive/2025-11-25-specific-versus-general-principles-for-constitutional-ai/ 2025-11-25T00:00:00+00:00 https://www.mbgsec.com/archive/2026-01-06-agent-guardrails-and-controls-applying-the-cors-model-to-agents-goose/ 2026-01-06T00:00:00+00:00 https://www.mbgsec.com/archive/2026-03-29-claude-code-auto-mode-a-safer-way-to-skip-permissions/ 2026-03-29T00:00:00+00:00 https://www.mbgsec.com/posts/2023-09-16-my-intense-2am-conversations-with-msrc-a-week-before-bh/ 2023-09-16T00:00:00+00:00 https://www.mbgsec.com/posts/2023-10-30-owasp-dc-links/ 2023-10-30T00:00:00+00:00 https://www.mbgsec.com/posts/2023-12-03-copilot-sharepoint-data-exfil/ 2023-12-03T00:00:00+00:00 https://www.mbgsec.com/posts/2024-01-28-ai-security-is-the-next-big-thing-question-mark/ 2024-01-28T00:00:00+00:00 https://www.mbgsec.com/posts/2024-05-04-all-you-need-is-guest/ 2024-05-04T00:00:00+00:00 https://www.mbgsec.com/posts/2024-05-05-power-platform-dlp-bypass-via-copy-and-paste/ 2024-05-05T00:00:00+00:00 https://www.mbgsec.com/posts/2024-05-05-rsac-2024/ 2024-05-05T00:00:00+00:00 https://www.mbgsec.com/posts/2024-09-26-safe-web-browsing-for-copilots/ 2024-09-26T00:00:00+00:00 https://www.mbgsec.com/posts/2025-03-15-very-important-instructions/ 2025-03-15T00:00:00+00:00 https://www.mbgsec.com/posts/2025-04-28-beyond-prompt-injection/ 2025-04-28T00:00:00+00:00 https://www.mbgsec.com/posts/2025-04-29-there-is-nothing-responsible-about-disclosure-of/ 2025-04-29T00:00:00+00:00 https://www.mbgsec.com/posts/2025-05-04-oai-security-conf-vibe/ 2025-05-04T00:00:00+00:00 https://www.mbgsec.com/posts/2025-05-08-oai-security-conf-automated-vuln-discovery/ 2025-05-08T00:00:00+00:00 https://www.mbgsec.com/posts/2025-05-12-oai-security-conf-sam-altman/ 2025-05-12T00:00:00+00:00 https://www.mbgsec.com/posts/2025-07-19-data-flow-controls-wont-save-us/ 2025-07-19T00:00:00+00:00 https://www.mbgsec.com/posts/2025-07-24-constructing-a-timeline-for-amazon-q-prompt-infection/ 2025-07-24T00:00:00+00:00 https://www.mbgsec.com/posts/2025-07-26-tracking-down-the-amazon-q-attacker-through-deleted-prs/ 2025-07-26T00:00:00+00:00 https://www.mbgsec.com/posts/2025-08-08-enterprise-ai-compromise-0click-exploit-methods-sneak-peek/ 2025-08-08T00:00:00+00:00 https://www.mbgsec.com/posts/2025-08-28-human-machine-interface-role-reversal/ 2025-08-28T00:00:00+00:00 https://www.mbgsec.com/posts/2025-10-08-making-real-progress-in-security-from-ai/ 2025-10-08T00:00:00+00:00 https://www.mbgsec.com/posts/2026-01-11-first-public-confirmation-of-ta-targeting-ai-systems/ 2026-01-11T00:00:00+00:00 https://www.mbgsec.com/posts/2026-02-18-raptor-finds-cline-compromise/ 2026-02-18T00:00:00+00:00 https://www.mbgsec.com/posts/2026-02-19-agent-repo-compromised-by-agent-to-install-an-agent/ 2026-02-19T00:00:00+00:00 https://www.mbgsec.com/projects/aivss/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/projects/awesomelowcode/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/projects/chatsboxai/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/projects/genaiattacks/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/projects/owasplcnctop10/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/projects/powerpwn/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/projects/zenity/ 2026-03-29T09:07:45+00:00 https://www.mbgsec.com/weblog/2021-11-18-addressing-the-low-code-security-elephant-in-the-room/ 2021-11-18T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-04-18-why-so-many-security-experts-are-concerned-about-low-code-no-code-apps/ 2022-04-18T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-05-16-you-can-t-opt-out-of-citizen-development/ 2022-05-16T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-06-20-credential-sharing-as-a-service-the-hidden-risk-of-low-code-no-code/ 2022-06-20T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-07-22-watch-out-for-user-impersonation-in-low-code-no-code-apps/ 2022-07-22T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-08-29-3-ways-no-code-developers-can-shoot-themselves-in-the-foot/ 2022-08-29T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-09-02-a-windows-11-automation-tool-can-easily-be-hijacked-wired/ 2022-09-02T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-09-26-we-re-thinking-about-saas-the-wrong-way/ 2022-09-26T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-10-24-embracing-the-next-generation-of-business-developers/ 2022-10-24T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-11-21-major-security-breach-from-business-users-low-code-apps-could-come-in-2023-analysts-warn/ 2022-11-21T00:00:00+00:00 https://www.mbgsec.com/weblog/2022-12-20-are-100-security-guarantees-possible/ 2022-12-20T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-01-23-no-one-wants-to-be-governed-everyone-wants-to-be-helped/ 2023-01-23T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-02-20-despite-breach-lastpass-demonstrates-the-power-of-password-management/ 2023-02-20T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-03-20-ai-has-your-business-data/ 2023-03-20T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-04-18-where-there-s-no-code-there-s-no-sdlc/ 2023-04-18T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-05-15-generative-ai-empowers-users-but-challenges-security/ 2023-05-15T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-06-26-remediation-ballet-is-a-pas-de-deux-of-patch-and-performance/ 2023-06-26T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-07-14-rogue-azure-ad-guests-can-steal-data-via-power-apps/ 2023-07-14T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-08-10-microsoft-365-guests-power-apps-security-nightmare-the-register/ 2023-08-10T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-09-18-security-conferences-keep-us-honest/ 2023-09-18T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-10-17-security-must-empower-ai-developers-now/ 2023-10-17T00:00:00+00:00 https://www.mbgsec.com/weblog/2023-11-20-enterprise-generative-ai-enters-its-citizen-development-era/ 2023-11-20T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-01-23-move-fast-and-break-the-enterprise-with-ai/ 2024-01-23T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-03-05-the-challenges-of-ai-security-begin-with-defining-it/ 2024-03-05T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-05-23-seizing-control-of-the-cloud-security-cockpit/ 2024-05-23T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-06-24-what-application-security-within-shadow-it-looks-like/ 2024-06-24T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-08-19-assume-breach-when-building-ai-apps/ 2024-08-19T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-11-18-to-map-shadow-it-follow-citizen-developers/ 2024-11-18T00:00:00+00:00 https://www.mbgsec.com/weblog/2024-12-16-citizen-development-moves-too-fast-for-its-own-good/ 2024-12-16T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-07-20-ok-signing-off-replit-for-the-day-by-jasonlk-jason-saastr-ai-lemkin-twitter-thread-reader/ 2025-07-20T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-07-21-end-of-train-and-head-of-train-remote-linking-protocol-cisa/ 2025-07-21T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-07-21-vulnerability-that-stops-a-running-train-cervello/ 2025-07-21T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-07-24-the-utter-flimsiness-of-xais-processes-by-thorne/ 2025-07-24T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-07-26-amazon-ai-coding-agent-hacked-to-inject-data-wiping-commands/ 2025-07-26T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-07-26-how-we-rooted-copilot-eye-research/ 2025-07-26T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-08-13-at-black-hat-and-def-con-ai-was-hacker-bodyguard-and-target-all-at-once-fortune/ 2025-08-13T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-08-13-sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say-sc-media/ 2025-08-13T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-08-16-security-engineer-agent-security-openai/ 2025-08-16T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-01-introducing-docent-transluce-ai/ 2025-09-01T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-03-the-experience-of-the-analyst-in-an-ai-powered-present-quelques-digressions-sous-gpl/ 2025-09-03T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-07-ai-powered-promptlocker-ransomware-is-just-an-nyu-research-project-the-code-worked-as-a-typical-rans/ 2025-09-10T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-05-we-built-the-security-layer-mcp-always-needed-the-trail-of-bits-blog/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-06-the-real-dilemmas-of-cybersecurity-startup-ideation-discovery-and-validation/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-12-jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them-the-trail-of-bits-blog/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-12-microsoft-under-fire-senator-demands-ftc-investigation-into-arsonist-selling-firefighting-services-c/ 2025-09-12T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-11-defeating-nondeterminism-in-llm-inference-thinking-machines-lab/ 2025-09-15T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-12-an-attackers-blunder-gave-us-a-look-into-their-operations-huntress/ 2025-09-15T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-12-internet-detectives-are-misusing-ai-to-find-charlie-kirks-alleged-shooter-the-verge/ 2025-09-15T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-14-vaultgemma-the-world-s-most-capable-differentially-private-llm/ 2025-09-15T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-17-one-token-to-rule-them-all-obtaining-global-admin-in-every-entra-id-tenant-via-actor-tokens-dirkjanm/ 2025-09-17T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-19-shadowleak-a-zero-click-service-side-attack-exfiltrating-sensitive-data-using-chatgpts-agent/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-20-libraries-io-releases-data-on-over-25m-open-source-software-repositories-by-benjamin-nickolls-librar/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-20-our-latest-libraries-data-release-has-arrived/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-20-our-second-libraries-io-open-data-release-has-arrived/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-20-our-third-libraries-io-open-data-release-has-arrived/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-23-trusted-publishing-for-npm-packages-npm-docs/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-09-24-you-can-have-two-big-things-but-not-three/ 2025-09-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-01-agents-rule-of-two-a-practical-approach-to-ai-agent-security/ 2025-11-02T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-10-23-dane-stuckey-openai-ciso-on-prompt-injection-risks-for-chatgpt-atlas/ 2025-11-03T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-10-30-claude-pirate-abusing-anthropic-s-file-api-for-data-exfiltration-embrace-the-red/ 2025-11-03T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-07-what-greynoise-learned-from-deploying-mcp-honeypots/ 2025-11-07T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-10-22-updates-mitre-atlastm/ 2025-11-08T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-07-you-should-write-an-agent-the-fly-blog/ 2025-11-08T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-08-code-execution-with-mcp-building-more-efficient-ai-agents-anthropic/ 2025-11-08T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-16-full-report-disrupting-the-first-reported-ai-orchestrated-cyber-espionage-campaign/ 2025-11-16T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-24-tokenization-confusion-xpn-infosec-blog/ 2025-11-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-25-emergent-misalignment-from-reward-hacking-in-reinforcement-learning-systems/ 2025-11-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2025-11-25-specific-versus-general-principles-for-constitutional-ai/ 2025-11-25T00:00:00+00:00 https://www.mbgsec.com/weblog/2026-01-06-agent-guardrails-and-controls-applying-the-cors-model-to-agents-goose/ 2026-01-06T00:00:00+00:00 https://www.mbgsec.com/weblog/2026-03-29-claude-code-auto-mode-a-safer-way-to-skip-permissions/ 2026-03-29T00:00:00+00:00 https://www.mbgsec.com/_archive/2021-11-18-addressing-the-low-code-security-elephant-in-the-room/ https://www.mbgsec.com/_weblog/2021-11-18-addressing-the-low-code-security-elephant-in-the-room/ https://www.mbgsec.com/_archive/2022-04-18-why-so-many-security-experts-are-concerned-about-low-code-no-code-apps/ https://www.mbgsec.com/_weblog/2022-04-18-why-so-many-security-experts-are-concerned-about-low-code-no-code-apps/ https://www.mbgsec.com/_archive/2022-05-16-you-can-t-opt-out-of-citizen-development/ https://www.mbgsec.com/_weblog/2022-05-16-you-can-t-opt-out-of-citizen-development/ https://www.mbgsec.com/_archive/2022-06-20-credential-sharing-as-a-service-the-hidden-risk-of-low-code-no-code/ https://www.mbgsec.com/_weblog/2022-06-20-credential-sharing-as-a-service-the-hidden-risk-of-low-code-no-code/ https://www.mbgsec.com/_archive/2022-07-22-watch-out-for-user-impersonation-in-low-code-no-code-apps/ https://www.mbgsec.com/_weblog/2022-07-22-watch-out-for-user-impersonation-in-low-code-no-code-apps/ https://www.mbgsec.com/_archive/2022-08-29-3-ways-no-code-developers-can-shoot-themselves-in-the-foot/ https://www.mbgsec.com/_weblog/2022-08-29-3-ways-no-code-developers-can-shoot-themselves-in-the-foot/ https://www.mbgsec.com/_archive/2022-09-02-a-windows-11-automation-tool-can-easily-be-hijacked-wired/ https://www.mbgsec.com/_weblog/2022-09-02-a-windows-11-automation-tool-can-easily-be-hijacked-wired/ https://www.mbgsec.com/_archive/2022-09-26-we-re-thinking-about-saas-the-wrong-way/ https://www.mbgsec.com/_weblog/2022-09-26-we-re-thinking-about-saas-the-wrong-way/ https://www.mbgsec.com/_archive/2022-10-24-embracing-the-next-generation-of-business-developers/ https://www.mbgsec.com/_weblog/2022-10-24-embracing-the-next-generation-of-business-developers/ https://www.mbgsec.com/_archive/2022-11-21-major-security-breach-from-business-users-low-code-apps-could-come-in-2023-analysts-warn/ https://www.mbgsec.com/_weblog/2022-11-21-major-security-breach-from-business-users-low-code-apps-could-come-in-2023-analysts-warn/ https://www.mbgsec.com/_archive/2022-12-20-are-100-security-guarantees-possible/ https://www.mbgsec.com/_weblog/2022-12-20-are-100-security-guarantees-possible/ https://www.mbgsec.com/_archive/2023-01-23-no-one-wants-to-be-governed-everyone-wants-to-be-helped/ https://www.mbgsec.com/_weblog/2023-01-23-no-one-wants-to-be-governed-everyone-wants-to-be-helped/ https://www.mbgsec.com/_archive/2023-02-20-despite-breach-lastpass-demonstrates-the-power-of-password-management/ https://www.mbgsec.com/_weblog/2023-02-20-despite-breach-lastpass-demonstrates-the-power-of-password-management/ https://www.mbgsec.com/_archive/2023-03-20-ai-has-your-business-data/ https://www.mbgsec.com/_weblog/2023-03-20-ai-has-your-business-data/ https://www.mbgsec.com/_archive/2023-04-18-where-there-s-no-code-there-s-no-sdlc/ https://www.mbgsec.com/_weblog/2023-04-18-where-there-s-no-code-there-s-no-sdlc/ https://www.mbgsec.com/_archive/2023-05-15-generative-ai-empowers-users-but-challenges-security/ https://www.mbgsec.com/_weblog/2023-05-15-generative-ai-empowers-users-but-challenges-security/ https://www.mbgsec.com/_archive/2023-06-26-remediation-ballet-is-a-pas-de-deux-of-patch-and-performance/ https://www.mbgsec.com/_weblog/2023-06-26-remediation-ballet-is-a-pas-de-deux-of-patch-and-performance/ https://www.mbgsec.com/_archive/2023-07-14-rogue-azure-ad-guests-can-steal-data-via-power-apps/ https://www.mbgsec.com/_weblog/2023-07-14-rogue-azure-ad-guests-can-steal-data-via-power-apps/ https://www.mbgsec.com/_archive/2023-08-10-microsoft-365-guests-power-apps-security-nightmare-the-register/ https://www.mbgsec.com/_weblog/2023-08-10-microsoft-365-guests-power-apps-security-nightmare-the-register/ https://www.mbgsec.com/_archive/2023-09-18-security-conferences-keep-us-honest/ https://www.mbgsec.com/_weblog/2023-09-18-security-conferences-keep-us-honest/ https://www.mbgsec.com/_archive/2023-10-17-security-must-empower-ai-developers-now/ https://www.mbgsec.com/_weblog/2023-10-17-security-must-empower-ai-developers-now/ https://www.mbgsec.com/_archive/2023-11-20-enterprise-generative-ai-enters-its-citizen-development-era/ https://www.mbgsec.com/_weblog/2023-11-20-enterprise-generative-ai-enters-its-citizen-development-era/ https://www.mbgsec.com/_archive/2024-01-23-move-fast-and-break-the-enterprise-with-ai/ https://www.mbgsec.com/_weblog/2024-01-23-move-fast-and-break-the-enterprise-with-ai/ https://www.mbgsec.com/_archive/2024-03-05-the-challenges-of-ai-security-begin-with-defining-it/ https://www.mbgsec.com/_weblog/2024-03-05-the-challenges-of-ai-security-begin-with-defining-it/ https://www.mbgsec.com/_archive/2024-05-23-seizing-control-of-the-cloud-security-cockpit/ https://www.mbgsec.com/_weblog/2024-05-23-seizing-control-of-the-cloud-security-cockpit/ https://www.mbgsec.com/_archive/2024-06-24-what-application-security-within-shadow-it-looks-like/ https://www.mbgsec.com/_weblog/2024-06-24-what-application-security-within-shadow-it-looks-like/ https://www.mbgsec.com/_archive/2024-08-19-assume-breach-when-building-ai-apps/ https://www.mbgsec.com/_weblog/2024-08-19-assume-breach-when-building-ai-apps/ https://www.mbgsec.com/_archive/2024-11-18-to-map-shadow-it-follow-citizen-developers/ https://www.mbgsec.com/_weblog/2024-11-18-to-map-shadow-it-follow-citizen-developers/ https://www.mbgsec.com/_archive/2024-12-16-citizen-development-moves-too-fast-for-its-own-good/ https://www.mbgsec.com/_weblog/2024-12-16-citizen-development-moves-too-fast-for-its-own-good/ https://www.mbgsec.com/_archive/2025-05-03-ai-agents-are-here-so-are-the-threats/ https://www.mbgsec.com/_archive/2025-05-03-doomarena-security-evaluation-framework-for-ai-agents/ https://www.mbgsec.com/_archive/2025-05-03-dspy/ https://www.mbgsec.com/_archive/2025-05-03-foundation-sec-cisco-foundation-ai-s-open-source-model/ https://www.mbgsec.com/_archive/2025-05-03-hello-0-days-my-old-friend-a-2024-zero-day-exploitation-analysis-google-cloud-blog/ https://www.mbgsec.com/_archive/2025-05-03-mcp-untrusted-servers-and-confused-clients-plus-a-sneaky-exploit-embrace-the-red/ https://www.mbgsec.com/_archive/2025-05-03-new-whitepaper-outlines-the-taxonomy-of-failure-modes-in-ai-agents-microsoft-security-blog/ https://www.mbgsec.com/_archive/2025-05-03-researchers-secretly-ran-a-massive-unauthorized-ai-persuasion-experiment-on-reddit-users/ https://www.mbgsec.com/_archive/2025-05-03-security-on-the-path-to-agi-openai/ https://www.mbgsec.com/_archive/2025-05-03-sycophancy-in-gpt-4o-what-happened-and-what-were-doing-about-it-openai/ https://www.mbgsec.com/_archive/2025-05-03-understanding-tokens-in-microsoft-entra-id-microsoft-entra-id-microsoft-learn/ https://www.mbgsec.com/_archive/2025-05-04-ai-red-teaming-roadmap-roadmap-sh/ https://www.mbgsec.com/_archive/2025-05-04-building-a-secure-agentic-ai-application-leveraging-googles-a2a-protocol/ https://www.mbgsec.com/_archive/2025-05-04-expanding-on-what-we-missed-with-sycophancy-openai/ https://www.mbgsec.com/_archive/2025-05-04-openai-security-research-conference/ https://www.mbgsec.com/_archive/2025-05-04-page-not-found-github-github/ https://www.mbgsec.com/_archive/2025-05-04-project-zero-from-naptime-to-big-sleep-using-large-language-models-to-catch-vulnerabilities-in-real/ https://www.mbgsec.com/_archive/2025-05-04-securing-genai-multi-agent-systems-against-tool-squatting-a-zero-trust-registry-based-approach/ https://www.mbgsec.com/_archive/2025-05-04-sharing-new-open-source-protection-tools-and-advancements-in-ai-privacy-and-security/ https://www.mbgsec.com/_archive/2025-05-05-2024-malicious-infrastructure-insights-key-trends-and-threats/ https://www.mbgsec.com/_archive/2025-05-05-deepseek-the-quiet-giant-leading-chinas-ai-race/ https://www.mbgsec.com/_archive/2025-05-05-dspy/ https://www.mbgsec.com/_archive/2025-05-05-enterprise-grade-security-for-the-model-context-protocol-mcp-frameworks-and-mitigation-strategies/ https://www.mbgsec.com/_archive/2025-05-05-executive-summary-chapter-1-of-superintelligence-strategy/ https://www.mbgsec.com/_archive/2025-05-05-fermi-redux-where-is-all-the-ai-enabled-cybercrime-3-quarks-daily/ https://www.mbgsec.com/_archive/2025-05-05-how-chatgpt-remembers-you-a-deep-dive-into-its-memory-and-chat-history-features-embrace-the-red/ https://www.mbgsec.com/_archive/2025-05-05-monitoring-reasoning-models-for-misbehavior-and-the-risks-of-promoting-obfuscation/ https://www.mbgsec.com/_archive/2025-05-05-securing-ai-llms-in-2025-a-practical-guide-to-securing-deploying-ai/ https://www.mbgsec.com/_archive/2025-05-07-microsoft-bookings-facilitating-impersonation-cyberis-limited/ https://www.mbgsec.com/_archive/2025-05-08-ai-agents-fail-in-novel-ways-put-businesses-at-risk/ https://www.mbgsec.com/_archive/2025-05-08-mcp-may-cause-pwnage-backdoors-in-disguise/ https://www.mbgsec.com/_archive/2025-05-08-software-security-code-of-practice-gov-uk/ https://www.mbgsec.com/_archive/2025-05-08-software-security-code-of-practice-implementation-guidance-ncsc-gov-uk/ https://www.mbgsec.com/_archive/2025-05-09-a-sober-look-at-progress-in-language-model-reasoning-pitfalls-and-paths-to-reproducibility/ https://www.mbgsec.com/_archive/2025-05-09-agent-red-teaming-details-gray-swan-arena-gray-swan-ai/ https://www.mbgsec.com/_archive/2025-05-09-cai-an-open-bug-bounty-ready-cybersecurity-ai/ https://www.mbgsec.com/_archive/2025-05-09-detecting-misbehavior-in-frontier-reasoning-models-openai/ https://www.mbgsec.com/_archive/2025-05-09-github-vgel-logitloom-explore-token-trajectory-trees-on-instruct-and-base-models/ https://www.mbgsec.com/_archive/2025-05-09-openai-explainability-and-reasoning-should-inform-future-ai-models-venturebeat/ https://www.mbgsec.com/_archive/2025-05-10-build-a-knowledge-graph-with-mcp-memory-and-amazon-neptune-by-david-bechberger-apr-2025-medium/ https://www.mbgsec.com/_archive/2025-05-10-endless-jailbreaks-with-bijection-learning/ https://www.mbgsec.com/_archive/2025-05-10-github-haizelabs-get-haized-a-subset-of-jailbreaks-automatically-discovered-by-the-haize-labs-haizin/ https://www.mbgsec.com/_archive/2025-05-10-haize-labs-rigorous-ai-testing-for-reliable-llms-agents/ https://www.mbgsec.com/_archive/2025-05-10-introducing-openai-for-countries-openai/ https://www.mbgsec.com/_archive/2025-05-10-surviving-on-a-diet-of-poisoned-fruit-reducing-the-national-security-risks-of-americas-cyber-depende/ https://www.mbgsec.com/_archive/2025-07-20-3rd-party-authorizations-oauth-nhi-agents/ https://www.mbgsec.com/_archive/2025-07-20-51-elliot-parable-of-the-banana-leaf/ https://www.mbgsec.com/_archive/2025-07-20-a-systematization-of-security-vulnerabilities-in-computer-use-agents/ https://www.mbgsec.com/_archive/2025-07-20-activating-ai-safety-level-3-protections-anthropic/ https://www.mbgsec.com/_archive/2025-07-20-add-xor-rol-a-non-anthropomorphized-view-of-llms/ https://www.mbgsec.com/_archive/2025-07-20-ai-and-secure-code-generation-lawfare/ https://www.mbgsec.com/_archive/2025-07-20-ai-in-software-engineering-at-facebook-ieee-journals-magazine-ieee-xplore/ https://www.mbgsec.com/_archive/2025-07-20-ai-lab-watch/ https://www.mbgsec.com/_archive/2025-07-20-ai-security-notes-5-14-2025-joshua-saxe/ https://www.mbgsec.com/_archive/2025-07-20-ai-security-notes-6-27-joshua-saxe/ https://www.mbgsec.com/_archive/2025-07-20-ai-security-requires-enterprise-grade-ai-discovery-with-complete-coverage-and-deep-context-noma-secu/ https://www.mbgsec.com/_archive/2025-07-20-airtbench-measuring-autonomous-ai-red-teaming-capabilities-in-language-models/ https://www.mbgsec.com/_archive/2025-07-20-alphaevolve-a-gemini-powered-coding-agent-for-designing-advanced-algorithms-google-deepmind/ https://www.mbgsec.com/_archive/2025-07-20-asynchrony-is-not-concurrency-loris-cro-s-blog/ https://www.mbgsec.com/_archive/2025-07-20-awesome-reviewers/ https://www.mbgsec.com/_archive/2025-07-20-badsuccessor-abusing-dmsa-to-escalate-privileges-in-active-directory/ https://www.mbgsec.com/_archive/2025-07-20-bloomberg-are-you-a-robot/ https://www.mbgsec.com/_archive/2025-07-20-bruteforcing-the-phone-number-of-any-google-user/ https://www.mbgsec.com/_archive/2025-07-20-building-launching-and-scaling-chatgpt-images/ https://www.mbgsec.com/_archive/2025-07-20-cert-ua-discovers-lamehug-malware-linked-to-apt28-using-llm-for-phishing-campaign/ https://www.mbgsec.com/_archive/2025-07-20-cloud-ciso-perspectives-how-google-secures-ai-agents-google-cloud-blog/ https://www.mbgsec.com/_archive/2025-07-20-context-engineering-for-ai-agents-lessons-from-building-manus/ https://www.mbgsec.com/_archive/2025-07-20-cyber-hard-problems-focused-steps-toward-a-resilient-digital-future-the-national-academies-press/ https://www.mbgsec.com/_archive/2025-07-20-disrupting-malicious-uses-of-ai-june-2025-openai/ https://www.mbgsec.com/_archive/2025-07-20-do-llm-agents-have-ai-red-team-capabilities-we-built-a-benchmark-to-find-out/ https://www.mbgsec.com/_archive/2025-07-20-enhancing-security-in-ai-agents-with-fides-a-formal-model-leveraging-information-flow-control/ https://www.mbgsec.com/_archive/2025-07-20-from-luddites-to-ai-the-overton-window-of-disruption/ https://www.mbgsec.com/_archive/2025-07-20-google-online-security-blog-mitigating-prompt-injection-attacks-with-a-layered-defense-strategy/ https://www.mbgsec.com/_archive/2025-07-20-hacking-ai-applications-in-the-trenches-with-dspy-bugcrowd/ https://www.mbgsec.com/_archive/2025-07-20-how-chinas-patriotic-honkers-became-the-nations-elite-cyberspies-wired/ https://www.mbgsec.com/_archive/2025-07-20-how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-impleme/ https://www.mbgsec.com/_archive/2025-07-20-how-to-perform-clipboard-forensics-activitiescache-db-memory-forensics-and-clipboard-history/ https://www.mbgsec.com/_archive/2025-07-20-how-to-scale-rl-to-10-26-flops-by-jack-morris/ https://www.mbgsec.com/_archive/2025-07-20-invited-talk-overlooked-foundations-exploits-as-experiments-and-constructive-proofs-in-the-science-o/ https://www.mbgsec.com/_archive/2025-07-20-life-prediction-ai-prompt-by-mattshumer-shumerprompt-ai-prompt-marketplace/ https://www.mbgsec.com/_archive/2025-07-20-lloyds-of-london-versicherung-soll-schaden-durch-ki-halluzinationen-abdecken-heise-online/ https://www.mbgsec.com/_archive/2025-07-20-measuring-the-impact-of-early-2025-ai-on-experienced-open-source-developer-productivity-metr/ https://www.mbgsec.com/_archive/2025-07-20-medium-com/ https://www.mbgsec.com/_archive/2025-07-20-neurips-poster-puregen-universal-data-purification-for-train-time-poison-defense-via-generative-mode/ https://www.mbgsec.com/_archive/2025-07-20-new-threat-vector-prompt-injection-at-the-raw-signal-level/ https://www.mbgsec.com/_archive/2025-07-20-novel-ssrf-technique-involving-http-redirect-loops-searchlight-cyber/ https://www.mbgsec.com/_archive/2025-07-20-ok-signing-off-replit-for-the-day-by-jasonlk-jason-saastr-ai-lemkin-twitter-thread-reader/ https://www.mbgsec.com/_weblog/2025-07-20-ok-signing-off-replit-for-the-day-by-jasonlk-jason-saastr-ai-lemkin-twitter-thread-reader/ https://www.mbgsec.com/_archive/2025-07-20-open-problems-in-mechanistic-interpretability/ https://www.mbgsec.com/_archive/2025-07-20-project-zero-project-naptime-evaluating-offensive-security-capabilities-of-large-language-models/ https://www.mbgsec.com/_archive/2025-07-20-reflections-on-openai/ https://www.mbgsec.com/_archive/2025-07-20-revolutionizing-red-teaming-the-single-turn-crescendo-attack-stca-on-large-language-models/ https://www.mbgsec.com/_archive/2025-07-20-scaling-security-with-responsible-disclosure-openai/ https://www.mbgsec.com/_archive/2025-07-20-securing-the-model-context-protocol-building-a-safer-agentic-future-on-windows-windows-experience-bl/ https://www.mbgsec.com/_archive/2025-07-20-security-for-high-velocity-engineering/ https://www.mbgsec.com/_archive/2025-07-20-security-steerability-is-all-you-need/ https://www.mbgsec.com/_archive/2025-07-20-security-to-model-securing-artificial-intelligence-to-strengthen-cybersecurity-committee-on-homeland/ https://www.mbgsec.com/_archive/2025-07-20-shade-arena-evaluating-sabotage-and-monitoring-in-llm-agents-anthropic/ https://www.mbgsec.com/_archive/2025-07-20-source-code-analysis-of-amazon-kiro/ https://www.mbgsec.com/_archive/2025-07-20-spikee-simple-prompt-injection-kit-for-evaluation-and-exploitation/ https://www.mbgsec.com/_archive/2025-07-20-steam-networks-works-in-progress-magazine/ https://www.mbgsec.com/_archive/2025-07-20-temporal-context-awareness-a-defense-framework-against-multi-turn-manipulation-attacks-on-large-lang/ https://www.mbgsec.com/_archive/2025-07-20-the-ups-and-downs-of-0-days/ https://www.mbgsec.com/_archive/2025-07-20-this-is-how-you-build-an-ai-ransomware-worm-truffle-security-co/ https://www.mbgsec.com/_archive/2025-07-20-tokenization-confusion-specterops/ https://www.mbgsec.com/_archive/2025-07-20-trustedsec-hunting-deserialization-vulnerabilities-with-claude/ https://www.mbgsec.com/_archive/2025-07-20-understanding-mcp-toolchain-risks-a-security-insight/ https://www.mbgsec.com/_archive/2025-07-20-understanding-shadow-agents-in-multi-agent-llm-systems/ https://www.mbgsec.com/_archive/2025-07-20-whats-your-model-hiding-preview-the-snyk-genai-model-risk-registry-snyk-labs/ https://www.mbgsec.com/_archive/2025-07-20-why-robots-won-t-cause-mass-unemployment-mises-institute/ https://www.mbgsec.com/_archive/2025-07-20-wsj-com/ https://www.mbgsec.com/_archive/2025-07-21-end-of-train-and-head-of-train-remote-linking-protocol-cisa/ https://www.mbgsec.com/_weblog/2025-07-21-end-of-train-and-head-of-train-remote-linking-protocol-cisa/ https://www.mbgsec.com/devlog/2025-07-21-link-archive-integration/ https://www.mbgsec.com/_archive/2025-07-21-vulnerability-that-stops-a-running-train-cervello/ https://www.mbgsec.com/_weblog/2025-07-21-vulnerability-that-stops-a-running-train-cervello/ https://www.mbgsec.com/_archive/2025-07-24-the-utter-flimsiness-of-xais-processes-by-thorne/ https://www.mbgsec.com/_weblog/2025-07-24-the-utter-flimsiness-of-xais-processes-by-thorne/ https://www.mbgsec.com/_archive/2025-07-26-amazon-ai-coding-agent-hacked-to-inject-data-wiping-commands/ https://www.mbgsec.com/_weblog/2025-07-26-amazon-ai-coding-agent-hacked-to-inject-data-wiping-commands/ https://www.mbgsec.com/_archive/2025-07-26-how-we-rooted-copilot-eye-research/ https://www.mbgsec.com/_weblog/2025-07-26-how-we-rooted-copilot-eye-research/ https://www.mbgsec.com/_archive/2025-08-13-at-black-hat-and-def-con-ai-was-hacker-bodyguard-and-target-all-at-once-fortune/ https://www.mbgsec.com/_weblog/2025-08-13-at-black-hat-and-def-con-ai-was-hacker-bodyguard-and-target-all-at-once-fortune/ https://www.mbgsec.com/_archive/2025-08-13-sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say-sc-media/ https://www.mbgsec.com/_weblog/2025-08-13-sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say-sc-media/ https://www.mbgsec.com/_archive/2025-08-16-security-engineer-agent-security-openai/ https://www.mbgsec.com/_weblog/2025-08-16-security-engineer-agent-security-openai/ https://www.mbgsec.com/_archive/2025-09-01-introducing-docent-transluce-ai/ https://www.mbgsec.com/_weblog/2025-09-01-introducing-docent-transluce-ai/ https://www.mbgsec.com/_archive/2025-09-03-the-experience-of-the-analyst-in-an-ai-powered-present-quelques-digressions-sous-gpl/ https://www.mbgsec.com/_weblog/2025-09-03-the-experience-of-the-analyst-in-an-ai-powered-present-quelques-digressions-sous-gpl/ https://www.mbgsec.com/_archive/2025-09-05-we-built-the-security-layer-mcp-always-needed-the-trail-of-bits-blog/ https://www.mbgsec.com/_weblog/2025-09-05-we-built-the-security-layer-mcp-always-needed-the-trail-of-bits-blog/ https://www.mbgsec.com/_archive/2025-09-06-the-real-dilemmas-of-cybersecurity-startup-ideation-discovery-and-validation/ https://www.mbgsec.com/_weblog/2025-09-06-the-real-dilemmas-of-cybersecurity-startup-ideation-discovery-and-validation/ https://www.mbgsec.com/_archive/2025-09-07-ai-powered-promptlocker-ransomware-is-just-an-nyu-research-project-the-code-worked-as-a-typical-rans/ https://www.mbgsec.com/_weblog/2025-09-07-ai-powered-promptlocker-ransomware-is-just-an-nyu-research-project-the-code-worked-as-a-typical-rans/ https://www.mbgsec.com/_archive/2025-09-11-defeating-nondeterminism-in-llm-inference-thinking-machines-lab/ https://www.mbgsec.com/_weblog/2025-09-11-defeating-nondeterminism-in-llm-inference-thinking-machines-lab/ https://www.mbgsec.com/_archive/2025-09-12-an-attackers-blunder-gave-us-a-look-into-their-operations-huntress/ https://www.mbgsec.com/_weblog/2025-09-12-an-attackers-blunder-gave-us-a-look-into-their-operations-huntress/ https://www.mbgsec.com/_archive/2025-09-12-internet-detectives-are-misusing-ai-to-find-charlie-kirks-alleged-shooter-the-verge/ https://www.mbgsec.com/_weblog/2025-09-12-internet-detectives-are-misusing-ai-to-find-charlie-kirks-alleged-shooter-the-verge/ https://www.mbgsec.com/_archive/2025-09-12-jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them-the-trail-of-bits-blog/ https://www.mbgsec.com/_weblog/2025-09-12-jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them-the-trail-of-bits-blog/ https://www.mbgsec.com/_archive/2025-09-12-microsoft-under-fire-senator-demands-ftc-investigation-into-arsonist-selling-firefighting-services-c/ https://www.mbgsec.com/_weblog/2025-09-12-microsoft-under-fire-senator-demands-ftc-investigation-into-arsonist-selling-firefighting-services-c/ https://www.mbgsec.com/_archive/2025-09-14-vaultgemma-the-world-s-most-capable-differentially-private-llm/ https://www.mbgsec.com/_weblog/2025-09-14-vaultgemma-the-world-s-most-capable-differentially-private-llm/ https://www.mbgsec.com/_archive/2025-09-17-one-token-to-rule-them-all-obtaining-global-admin-in-every-entra-id-tenant-via-actor-tokens-dirkjanm/ https://www.mbgsec.com/_weblog/2025-09-17-one-token-to-rule-them-all-obtaining-global-admin-in-every-entra-id-tenant-via-actor-tokens-dirkjanm/ https://www.mbgsec.com/_archive/2025-09-19-shadowleak-a-zero-click-service-side-attack-exfiltrating-sensitive-data-using-chatgpts-agent/ https://www.mbgsec.com/_weblog/2025-09-19-shadowleak-a-zero-click-service-side-attack-exfiltrating-sensitive-data-using-chatgpts-agent/ https://www.mbgsec.com/_archive/2025-09-20-libraries-io-releases-data-on-over-25m-open-source-software-repositories-by-benjamin-nickolls-librar/ https://www.mbgsec.com/_weblog/2025-09-20-libraries-io-releases-data-on-over-25m-open-source-software-repositories-by-benjamin-nickolls-librar/ https://www.mbgsec.com/_archive/2025-09-20-our-latest-libraries-data-release-has-arrived/ https://www.mbgsec.com/_weblog/2025-09-20-our-latest-libraries-data-release-has-arrived/ https://www.mbgsec.com/_archive/2025-09-20-our-second-libraries-io-open-data-release-has-arrived/ https://www.mbgsec.com/_weblog/2025-09-20-our-second-libraries-io-open-data-release-has-arrived/ https://www.mbgsec.com/_archive/2025-09-20-our-third-libraries-io-open-data-release-has-arrived/ https://www.mbgsec.com/_weblog/2025-09-20-our-third-libraries-io-open-data-release-has-arrived/ https://www.mbgsec.com/_archive/2025-09-23-trusted-publishing-for-npm-packages-npm-docs/ https://www.mbgsec.com/_weblog/2025-09-23-trusted-publishing-for-npm-packages-npm-docs/ https://www.mbgsec.com/_archive/2025-09-24-you-can-have-two-big-things-but-not-three/ https://www.mbgsec.com/_weblog/2025-09-24-you-can-have-two-big-things-but-not-three/ https://www.mbgsec.com/_archive/2025-10-22-updates-mitre-atlastm/ https://www.mbgsec.com/_weblog/2025-10-22-updates-mitre-atlastm/ https://www.mbgsec.com/_archive/2025-10-23-dane-stuckey-openai-ciso-on-prompt-injection-risks-for-chatgpt-atlas/ https://www.mbgsec.com/_weblog/2025-10-23-dane-stuckey-openai-ciso-on-prompt-injection-risks-for-chatgpt-atlas/ https://www.mbgsec.com/_archive/2025-10-30-claude-pirate-abusing-anthropic-s-file-api-for-data-exfiltration-embrace-the-red/ https://www.mbgsec.com/_weblog/2025-10-30-claude-pirate-abusing-anthropic-s-file-api-for-data-exfiltration-embrace-the-red/ https://www.mbgsec.com/_archive/2025-11-01-agents-rule-of-two-a-practical-approach-to-ai-agent-security/ https://www.mbgsec.com/_weblog/2025-11-01-agents-rule-of-two-a-practical-approach-to-ai-agent-security/ https://www.mbgsec.com/_archive/2025-11-07-what-greynoise-learned-from-deploying-mcp-honeypots/ https://www.mbgsec.com/_weblog/2025-11-07-what-greynoise-learned-from-deploying-mcp-honeypots/ https://www.mbgsec.com/_archive/2025-11-07-you-should-write-an-agent-the-fly-blog/ https://www.mbgsec.com/_weblog/2025-11-07-you-should-write-an-agent-the-fly-blog/ https://www.mbgsec.com/_archive/2025-11-08-code-execution-with-mcp-building-more-efficient-ai-agents-anthropic/ https://www.mbgsec.com/_weblog/2025-11-08-code-execution-with-mcp-building-more-efficient-ai-agents-anthropic/ https://www.mbgsec.com/_archive/2025-11-16-full-report-disrupting-the-first-reported-ai-orchestrated-cyber-espionage-campaign/ https://www.mbgsec.com/_weblog/2025-11-16-full-report-disrupting-the-first-reported-ai-orchestrated-cyber-espionage-campaign/ https://www.mbgsec.com/_archive/2025-11-24-tokenization-confusion-xpn-infosec-blog/ https://www.mbgsec.com/_weblog/2025-11-24-tokenization-confusion-xpn-infosec-blog/ https://www.mbgsec.com/_archive/2025-11-25-emergent-misalignment-from-reward-hacking-in-reinforcement-learning-systems/ https://www.mbgsec.com/_weblog/2025-11-25-emergent-misalignment-from-reward-hacking-in-reinforcement-learning-systems/ https://www.mbgsec.com/_archive/2025-11-25-specific-versus-general-principles-for-constitutional-ai/ https://www.mbgsec.com/_weblog/2025-11-25-specific-versus-general-principles-for-constitutional-ai/ https://www.mbgsec.com/_archive/2026-01-06-agent-guardrails-and-controls-applying-the-cors-model-to-agents-goose/ https://www.mbgsec.com/_weblog/2026-01-06-agent-guardrails-and-controls-applying-the-cors-model-to-agents-goose/ https://www.mbgsec.com/_archive/2026-03-29-claude-code-auto-mode-a-safer-way-to-skip-permissions/ https://www.mbgsec.com/_weblog/2026-03-29-claude-code-auto-mode-a-safer-way-to-skip-permissions/ https://www.mbgsec.com/_projects/aivss/ https://www.mbgsec.com/archive/ https://www.mbgsec.com/_projects/awesomelowcode/ https://www.mbgsec.com/topics/ https://www.mbgsec.com/_projects/chatsboxai/ https://www.mbgsec.com/about/ https://www.mbgsec.com/_projects/genaiattacks/ https://www.mbgsec.com/ https://www.mbgsec.com/linklog/ https://www.mbgsec.com/_projects/owasplcnctop10/ https://www.mbgsec.com/posts/ https://www.mbgsec.com/_projects/powerpwn/ https://www.mbgsec.com/wip/ https://www.mbgsec.com/talks/ https://www.mbgsec.com/weblog/ https://www.mbgsec.com/_projects/zenity/ https://www.mbgsec.com/page2/ https://www.mbgsec.com/page3/ https://www.mbgsec.com/page4/ https://www.mbgsec.com/page5/ https://www.mbgsec.com/assets/app/comp_calc.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/app/hard_boundaries.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/app/self-decrypting-html.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/files/2026-02-18-raptor-finds-cline-compromise/ 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/files/2026-02-18-raptor-finds-cline-compromise/page-001.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/files/2026-02-18-raptor-finds-cline-compromise/page-002.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/files/2026-02-18-raptor-finds-cline-compromise/page-003.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/files/2026-02-18-raptor-finds-cline-compromise/page-004.html 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-08-13_DEFCON30_Low_Code_High_Risk.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-08-13_DEFCON30_No_Code_Malware.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-08-31_OWASP-APAC-2022_Dominating_the_Enterprise_via_Low_Code_Abuse.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-09-01_OWASP-APAC-2022_No_Code_Risk_What_Happens_When_We_Leave_No_Code_Up_for_Grabs.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-09-22_Bsides-Singapore-2022_Malware_Powered_by_Windows_11_No_Code.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-10-28-LASCON_No_Code_Risk_What_Happens_When_We_Leave_No_Code_up_for_Grabs.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-11-02_LowCodeCon.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-11-17_OWASP-US-2022_Windows_RCE_as_a_Service.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-11-19_BSides-Orlando_No_Code_Malware_Windows_At_Your_Service.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2022-11-19_BSides-Vienna-0x7E6_No_Code_Malware_Windows_At_Your_Service.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-01-05_RSAC-365-2023.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-01-23_Workato_Automated_Security_Governance.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-02-15_OWASP-Dublin-2023_Credential_Sharing_as_a_Service_the_Dark_Side_of_No_Code.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-02-28_DC9723_No_Code_Malware_Windows_11_At_Your_Service.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-03-28_CodeFrenzy_Credential_Sharing_as_a_Service_the_Dark_Side_of_No_Code.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-04-18_SANS-UK_Credential_Sharing_as_a_Service_the_Dark_Side_of_No_Code.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-04-22_BSidesNYC_Dominating_the_Enterprise_via_Low_Code_Abuse.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-04-23_BSidesSF_Sure_Let_Business_Users_Build_Their_Own_What_Could_Go_Wrong.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-04-23_BSidesSF_Windows_11_At_Your_Service.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-04-28_RSAC-2023_DAS-R06_Credential_Sharing_as_a_Service_The_Dark_Side_of_No_Code.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-08-08_BSidesLV-2023_All_You_Need_is_Guest.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-08-09_BHUSA-2023_Sure_Let_Business_Users_Build_Their_Own_What_Could_Go_Wrong.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-08-09_BSidesLV-2023_Sure_Let_Business_Users_Build_Their_Own_What_Could_Go_Wrong.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-08-09_BSidesLV-2023_Wolves_in_Windows_Clothing.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-08-10_BHUSA-2023_All_You_Need_is_Guest.pdf 2026-03-29T09:07:20+00:00 https://www.mbgsec.com/assets/pdfs/2023-10-24_Sector-23_AllYouNeedIsGuest.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2023-10-25_Sector-23_SureLetBusinessUsersBuildTheirOwnWhatCouldGoWrong.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2023-10-30_OWASP_DC_CREDENTIALSHARINGASASERVICETHEDARKSIDEOFNOCODE.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2023-10-31-OWASP_DC_LCNC_Top_10.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-04-18_t2-24_AllYouNeedIsGuest_part1.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-04-18_t2-24_AllYouNeedIsGuest_part2.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-05-06_RSAC-24_AllYouNeedIsGuest.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-08-07_15_ways_to_break_your_Copilot.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-08-08_Living_off_Microsoft_Copilot_Part1.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-08-08_Living_off_Microsoft_Copilot_Part2.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-09-29_Living_off_Microsoft_Copilot_part1a.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-09-29_Living_off_Microsoft_Copilot_part1b.pdf 2026-03-29T09:07:21+00:00 https://www.mbgsec.com/assets/pdfs/2024-09-29_Living_off_Microsoft_Copilot_part2.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2024-10-23_AI_Empowers%20Your_Business_What_Does_that_Mean_for_Security_Steve_Shanko.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2024-10-24_The_good_the_bad_and_the_ugly_part1.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2024-10-24_The_good_the_bad_and_the_ugly_part2a.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2024-10-24_The_good_the_bad_and_the_ugly_part2b.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2024-10-30_Scaling_AppSec_With_an_SDL_for_Cit_Dev.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2025-03-31-AI_Agent_Security_Summit_welcome_keynote.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2025-04-29_Your_Copilot_Is_My_Insider.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2025-04-30_Scaling_AppSec_With_an_SDLC_for_Citizen_Development.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2025-08-06_BHUSA2025_AI-Enterprise-Compromise-0click-Exploit-Methods.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/pdfs/2025-10-08_ActuallyMakingProgressInSecurityFromAI.pdf 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/vault/2025-08-24.html 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/vault/2025-09-15.html 2026-03-29T09:07:22+00:00 https://www.mbgsec.com/assets/vault/2025-12-10.html 2026-03-29T09:07:22+00:00