How to Hack AI Agents and Applications
I often get asked how to hack AI applications. There hadn’t been a...
Top Posts
Evergreen essays or posts that were particularly well received.
Root for Your Friends
Heads‑up: The concept of this post might seem trivial, but it can ...
AI Comprehension Gaps: When Humans and AI See Different Things
There’s an AI Security and Safety concept that I’m calling “AI Comprehension Gaps.” It’s a bit of a mouthful, but it’s an important concept. It’s when there’s a mismatch between what a user knows or sees and what an AI model understands from the same context. This information gap can lead to some pretty significant security issues.
The Quest for the Shortest Domain
In bug bounty hunting, having a short domain for XSS payloads can be the difference in exploiting a bug or not… and it’s just really cool to have a nice domain for payloads, LOL.
AI Models Are Not Safety-Tuned for Kids
It hit me like a lightning bolt during a casual conversation about AI safety: we’re tuning these models for adults, but kids are using them too.
The Real Future of Tech
In 2016, my friend Daniel Miessler wrote a book called “The Real Internet of Things.” It’s a quick little read that he later put on his site as an essay. You can read it here:
https://danielmiessler.com/blog/the-real-internet-of-things.
This Is How They Tell Me Bug Bounty Ends
An AI agent will soon be able to find all the vulnerabilities in any application. Or that’s what they say.
