clearseclabs

If you want RE to feel lighter and faster, not because the work is simpler, but because you’re operating with more leverage, this is where that shift starts. @reconmtl Training Link: l.clearseclabs.com/wuz62

Want to go beyond watching and start building these workflows yourself? We're teaching hands-on agentic RE / VR training at DEF CON, Ringzer0, REcon, and more this year. Full stack: local LLMs, MCP servers, and agentic reverse engineering workflows. l.clearseclabs.com/hk2nt

Building driver analysis via a new skills.md using the new pyghidra-mcp-cli 👀 The new CLI is perfect to integrate into your Pi / Opencode / ClaudeCode / Codex reversing workflow.

If you want RE to feel lighter and faster, not because the work is simpler, but because you’re operating with more leverage, this is where that shift starts. @reconmtl Training Link: l.clearseclabs.com/wuz62

New training coming to @reconmtl this June! Building Agentic RE: Automating Reverse Engineering & Vulnerability Research with AI

Using the Pi agent (the one that powers OpenClaw) with Qwen3-Coder-Next to leverage pyghidra-mcp for reverse engineering. Coding agents are basically general-purpose. Give them the right "skills" and they become powerful general-purpose RE agents 🔥

AI isn’t replacing reverse engineers — it’s amplifying them. Learn how to apply AI safely and effectively in RE & vuln research at Ringzer0 SPRING//2026. ringzer0.training/countermeasure…

AI Security Digest – February 2026 (Week 1) 1️⃣ How LLMs Feed Your RE Habit Following the Use-After-Free Trail in CLFS - @clearbluejar - clearbluejar.github.io/posts/how-llms… 2️⃣ SmartLoader Clones Oura Ring MCP to Deploy Supply Chain Attack - @straikerai - straiker.ai/blog/smartload… 3️⃣ When MCP Meets OAuth Common Pitfalls Leading to One-Click Account Takeover - Fenix Q., Shuyang W. - @obsidiansec - obsidiansecurity.com/blog/when-mcp-… 4️⃣ Agentic AI and Non-Human Identities Demand a Paradigm Shift In Security Lessons from NHIcon 2026 - @McDwayne - @GitGuardian - blog.gitguardian.com/nhicon-2026/ 5️⃣ Protect your AI workloads from supply chain attacks - @anushkaiyer_ - @chainguard_dev - chainguard.dev/unchained/prot… 6️⃣ Hacking Moltbook The AI Social Network Any Human Can Control - @galnagli - @wiz_io - wiz.io/blog/exposed-m… 7️⃣ The rise of Moltbook suggests viral AI prompts may be the next big security threat - @arstechnica - arstechnica.com/ai/2026/02/the… 8️⃣ Moltbook and the Illusion of Harmless AI-Agent Communities - Lucie C. - @Vectra_AI - vectra.ai/blog/moltbook-… 9️⃣ Critical RCE in vLLM Allows Server Takeover via Malicious Video URL CVE-2026-22778 - Igor Stepansky - @orcasec - orca.security/resources/blog… 🔟 What Security Teams Need to Know About OpenClaw the AI Super Agent - Elia Zaitsev - @CrowdStrike - crowdstrike.com/en-us/blog/wha… 1️⃣1️⃣ An introduction to automated LLM red teaming - @snoeck_t - @NVISOsecurity - blog.nviso.eu/2026/02/05/an-… 1️⃣2️⃣ AI-Powered Kids’ Toy Turns a Bedroom Into an Attack Surface - @rez0__ - vulnu.com/p/ai-powered-k… 1️⃣3️⃣ “We’ve Solved Prompt Injection” And other bedtime stories from your security vendor - @conikeec - open.substack.com/pub/conikeec/p… 1️⃣4️⃣ AI Agent Prompt Injection Exposes Insider Risks - @DtexSystems - dtex.ai/resources/i3-t… 1️⃣5️⃣ Evaluating and mitigating the growing risk of LLM-discovered 0-days - @AnthropicAI - red.anthropic.com/2026/zero-days/ 1️⃣6️⃣ Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site - @matthewgault - @404mediaco - 404media.co/exposed-moltbo… 1️⃣7️⃣ It’s incredible It’s terrifying It’s OpenClaw - @jasonmeller - @1Password - 1password.com/blog/its-openc… 1️⃣8️⃣ One-click RCE on Clawd/Moltbot in under 2 hours with Hackian - Henrique Branquinho - @Ethiack - ethiack.com/news/blog/one-… 1️⃣9️⃣ OpenClaw Hardening for MSPs - @elli_shlomo - @GuardzCyber - guardz.com/blog/openclaw-… 2️⃣0️⃣ Red Teaming Agentic Capabilities in NVIDIA NeMo Agent Toolkit - @lakeraai - lakera.ai/blog/red-teami… 2️⃣1️⃣ Exploring the Security Risks of AI Assistants like OpenClaw - Conner McCauley, Kasimir Schulz, Ryan Tracey, Jason Martin - @HiddenLayerSec - hiddenlayer.com/research/explo… 2️⃣2️⃣ OpenClaw or OpenDoor - @stav_c - @zenity_io - labs.zenity.io/p/openclaw-or-… 2️⃣3️⃣ n8n Sandbox Escape Critical Vulnerabilities in n8n Exposes Hundreds of Thousands of Enterprise AI Systems to Complete Takeover - @EilonCohen - @Pillar_sec - pillar.security/blog/n8n-sandb… 2️⃣4️⃣ AI-assisted cloud intrusion achieves admin access in 8 minutes - Alessandro Brucato and Michael Clark - @Sysdig - sysdig.com/blog/ai-assist… 2️⃣5️⃣ DockerDash Two Attack Paths One AI Supply Chain Crisis - Sasi Levi - @NomaSecurity - noma.security/blog/dockerdas… 2️⃣6️⃣ Clawing Out The Skills Marketplace Just Inherited Its First Second-Degree Supply Chain Risk - Yotam Perkal ☄️ and Ehud Melzer - @pluto_security - blog.pluto.security/p/clawing-out-… 2️⃣7️⃣ Auditing Outline Firsthand lessons from comparing manual testing and AI security platforms - @LucaCarettoni - @doyensec - blog.doyensec.com/2026/02/03/out… 2️⃣8️⃣ Seven layers of Prompt Injection protection - @owasp_ai - #seven-layers-of-prompt-injection-protection" target="_blank" rel="nofollow noopener">owaspai.org/docs/2_threats… 2️⃣9️⃣ Why Moltbot formerly Clawdbot May Signal the Next AI Security Crisis - Sailesh Mishra and Sean P. Morgan - @PaloAltoNtwks - paloaltonetworks.com/blog/network-s… 3️⃣0️⃣ From magic to malware How OpenClaw’s agent skills become an attack surface - @jasonmeller - @1Password - 1password.com/blog/from-magi… 3️⃣1️⃣ From Automation to Infection How OpenClaw AI Agent Skills Are Being Weaponized - @bquintero - @VirusTotal - blog.virustotal.com/2026/02/from-a…

Last chance for the early bird discount on @clearbluejar’s “Building Agentic RE” course: training.defcon.org/products/agent…

New release pyghidra‑mcp v0.1.14 👀🔥 New Features: - Literal Code Search (exact‑match queries shipped alongside semantic search) - Cleaner project‑path handling - Automatic Microsoft Symbol Downloads (PDBs)

How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS clearbluejar.github.io/posts/how-llms…

Patch diffing + RCA for clfs.sys can awhile. I gave the diff + binary to a local LLM. It mapped the UAF path, race condition, all IOCTLs in <20 min LLMs don't replace the work, they are momentum. New blog post following the UAF trail of CVE-2025-29824: clearbluejar.github.io/posts/how-llms…

Come check out "Reverse Engineering Apple Security Updates" at @REverseConf 2026! Find out what you can do with a local llm!

🚨 REcon 2026 is LIVE! 🚀 Call for papers and registration are now open! Join the world's top reverse engineers & exploit devs in Montreal: 🛠 Trainings: June 15-18 (19 hands-on classes – AI agents, kernel exploits, Rust/Go reversing, fault injection & more!) 📅 Conference: June 19-21 Tickets & early bird now open → recon.cx Shoutout to the legends teaching: @SinSinology @KyleMartin @MalachiJonesPhD @andreyknvl @mr_phrazer @yarden_shafir @DrCh40s @pulsoid + more elite instructors! See website for all trainers and session info. Limited spots – see you in MTL! #REcon2026 #ReverseEngineering

If Windows internals feel like a black box, it’s not your fault — it’s your workflow. Learn RE/VR through real Windows CVEs, end‑to‑end. Feb 26 registration: l.clearseclabs.com/7mol8

Diving into new AI agent “skills” with pyghidra‑mcp and opencode. The pace of this tech is wild. The progressive disclosure you get from skills saves a ton of context, but I still like MCP to expose the complex tools like Ghidra. MCP isn’t dead yet!

pyghidra-mcp v0.1.13 new release - 👀🔥 New Features: - Import Directory - Mermaidjs CallGraphs Ghidra Headless Vibe reversing++

Windows vulnerability research, demystified. CVE-guided. Systematic. Hands-on. Registration open for Feb 26: l.clearseclabs.com/7mol8

If you want to bridge the gap between research and real-world application this year, explore our virtual and in-person offerings here: l.clearseclabs.com/djoqy

You're not alone... even seasoned researchers feel this pressure. The good news: you don't have to stay stuck. Immersive, instructor-led training closes those exact gaps, shifting you from frustration and theoretical knowledge to practical mastery you can apply the very next day.

2026 is here. You're setting big goals for your reverse engineering career, but you might feel behind in the fast-growing field of AI-enhanced RE and vulnerability research. Tools, workflows, and threats are evolving faster than ever, making it easy to worry about falling behind.