infosec
Discussions about information security and privacy

@royalaid

NSA Recommendations for MCP / AI Tooling. PDF warning https://www.nsa.gov/Portals/75/documents/Cybersecurity/CSI_MCP_SECURITY.pdf?ver=bmgiSbNQLP6Z_GiWtRt6bg%3D%3D

@m-j-r.eth

https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/

@m-j-r.eth

https://farcaster.xyz/compez.eth/0x63862a03

@m-j-r.eth

no honor among thieves https://x.com/officer_secret/status/2055313428109983870?s=20

@m-j-r.eth

end of an era

@m-j-r.eth

https://github.com/TanStack/router/issues/7383

@m-j-r.eth

while there should be a forcing function for improving all security at all times... sensationalizing the 1970s concept of a computer worm by simulating AI against purposefully weak test environments does a grave disservice to that public interest. this kind of research is far more instrumental against democratizing AI and for the runaway ability of a capable minority to exploit more systems over time. https://palisaderesearch.org/blog/self-replication

@mantej

Securing the Agentic SDLC: https://clover.security/blog/securing-the-agentic-sdlc-clover-security/

@royalaid

If you are using Vercel you probably want to roll secrets / API keys. Hell of a weekend https://x.com/DiffeKey/status/2045813085408051670?s=20

@m-j-r.eth

https://farcaster.xyz/vitalik.eth/0xebb6356b

@m-j-r.eth

https://github.com/Nightmare-Eclipse/RedSun

@royalaid

It's super interesting that compute is now literally oil and the state space of potential programs the oil field. It's literally a navigation or graph problem in an insanely huge multidimensional space. https://www.dbreunig.com/2026/04/14/cybersecurity-is-proof-of-work-now.html

@m-j-r.eth

https://x.com/pcaversaccio/status/2044079587798417564?s=20

@m-j-r.eth

Marcus Hutchins makes a good point, but there's always an opportunity to apply a reward like hypercertificates to leaderboards like https://code4rena.com/leaderboard

@m-j-r.eth

good thread for those without obese dictator blindness https://x.com/zachxbt/status/2041873508180095032?s=20