Mud

🤓 Nice overview of prompt injection attacks! But I think if you focus only on prompt injection, you are missing a big part of how threat actors are abusing AI systems. Adversarial Prompts (IoPC) are much diverse and broad than just prompt injection!

🤓 I will be teaching my training "Practical AI for Threat Intelligence" at @BlackHatEvents USA this August 🇺🇸 Check it out if you want to learn how to build effective AI agents for CTI, understand how attackers leverage AI, and secure your own autonomous pipelines. We go deep into RAG, MCP, Agent Skills, AI security, monitoring, and hands on threat intel workflows. Early bird rate is still available 👇 1️⃣ August 1-2: #practical-genai-for-threat-intel-real-world-agentic-workflows-for-cyber-threat-intelligence-50417" target="_blank" rel="nofollow noopener">blackhat.com/us-26/training… 2️⃣ August 3-4: #practical-genai-for-threat-intel-real-world-agentic-workflows-for-cyber-threat-intelligence-504171770249968" target="_blank" rel="nofollow noopener">blackhat.com/us-26/training…

🤓 Just dropped a short clip from @BlackHatEvents Asia, where I delivered my training and presented at Arsenal on AI Threat Intelligence. Also, I tried durian again... 😬 youtu.be/mlKWR-suKOY?si…

TIL y'all like these kind of tweets? 🤔🤯😂 #lalputaclic Just got a reward for a critical vulnerability submitted on @yeswehack -- Code Injection (CWE-94). yeswehack.com/hunters/laluka #YesWeRHackers

LaluLog 01 - Life Update, 30 ans, Bug Bounty, Pentest, AI, CTF, C'est le bordel, comment rester zen ? 🌿 youtu.be/upd3cDhLBmA

And here is a quick design to recap the techniques mentioned above :)

🤓 Google released a new threat report talking about prompt injection attacks in the wild. They analyzed web data and identified the main types of attempts targeting AI systems, below is the breakdown 👇 - Harmless pranks: Small tricks to change tone or behavior. Not dangerous, but shows how easily AI can be influenced. - Helpful guidance: Website owners trying to steer AI summaries. Looks benign, but the same technique can be abused for misinformation. - SEO manipulation: Injected instructions to push content or promote services through AI assistants. This will scale fast. - Deterring AI agents: Tricks to block or exhaust agents. Example: forcing them into infinite loops or useless processing. - Data exfiltration: Early attempts to steal sensitive data from AI workflows. Still basic for now. - Destructive actions: Prompts trying to trigger harmful operations like deleting files. Attackers have already started poking at your systems. Better be ready when this starts working 🧐 security.googleblog.com/2026/04/ai-thr…

Huge shout out to the community around this project! This talk was also for you!! ❤️❤️❤️ @pedrinazziM @TekDefense @udgover @faisalusuf

Just had a great time presenting at @BlackHatEvents Arsenal about Nova and AI threat Intel! From the latest update to the skill/mcp scanner, promptintel, agent tracer and MoltThreats there was a lot to unpack 🤩

You can try it here flipbook.page/n/aec6a58882e8…

🤓 Imagine instead of reading a threat report, you can navigate through it visually, exploring technical details with diagrams that show how it works on the fly. Well, you can already do it with this new concept called Flipbook. I just tried it with a recent report about the Axios compromise. Check this out 👇

You can book your seat here: #practical-genai-for-threat-intel-real-world-agentic-workflows-for-cyber-threat-intelligence-504171770249968" target="_blank" rel="nofollow noopener">blackhat.com/us-26/training…

🤓 BlackHat ASIA training done ✅ Another intense session and great feedback from the participants! Next stop: @BlackHatEvents USA in August and you can still book your seat in early bird! ✨

Getting started 🚀🚀

Singapore @BlackHatEvents ASIA let’s get started 😎

@Cloudflare It would be cool if you also check llms.txt LLMstxt.org

Packing up for @BlackHatEvents ASIA!! See you there ✌️

📢 Big personal update!! After almost 5 years, today was my last day at Microsoft. I had the chance to work with very talented people on complex AI and security research. It was a wild ride! Next week I will be at Black Hat Asia. Reach out if you want to catch up and talk about the latest in AI x Threat Intelligence. Ready for what is coming next! ✌️

I can tell you that keeping this kind of training up to date with AI changing every week is very challenging! That is why I keep updating the material right up to the day of the training if I find something relevant for the context of the training and that's also why it is complicated to create an online version for now 🤓