blog · field notes

What we're seeing.
AI in security, recent vulnerabilities, hunter notes.

Posts are written by the hunters who found the bug, not by a content team. No SEO mush, no 'top 10 cyber trends'. Read the first one if you want a flavor.

latest · 2026-05-19

race-02 and the rise of agentic race conditions

Why the next class of agent we shipped is the one your scanner has never had a sane way to find.

2026-05-12·8 min

CVE-2026-2912: the next-auth session leak we found in 3 customer codebases

Same misconfiguration, three different shapes. The fix is a one-liner; the detection is not.

#cve#next-auth#session

2026-04-30·7 min

why LLM agents are better at IDOR than humans (and worse at race conditions)

A hot take with receipts: 412 confirmed IDOR exploits in 90 days. Here is why the agent fleet eats this class for breakfast.

#methodology#idor#agents

2026-04-22·5 min

three SSRFs in webhook validators we found in one week

The webhook test endpoint is the SSRF sink everyone forgets. Here is what three different customers shipped, and what they had in common.

#ssrf#webhooks#case-study

2026-04-08·5 min

the wrong way to red-team an AI coding assistant

A short rant about prompt-injection theater, and what we actually do when a customer asks us to test their LLM features.

#ai-safety#prompt-injection#opinion

2026-03-28·6 min

CVE-2026-1117 and why function-name collisions are back

A 30-year-old class of SQL bug, freshly relevant because of how ORM extensions auto-bind.

#cve#postgres#sql

2026-03-15·7 min

the Anthropic SDK XSS the assistants missed

Why an AI-generated codepath had a stored XSS that three different coding assistants happily reviewed and shipped.

#xss#ai-safety#tool-use