MrDuc – Medium

MrDuc

The Invisible Attacker: How Hackers Hijack Your AI Without Ever Touching Your System

Information Security · 10 min read

Apr 17

The Invisible Attacker: How Hackers Hijack Your AI Without Ever Touching Your System

Apr 17

Prompt Injection 101: Defending Your AI Systems Without Using Another LLM as a Gatekeeper

Information Security · 9 min read

Apr 17

Prompt Injection 101: Defending Your AI Systems Without Using Another LLM as a Gatekeeper

Apr 17

Stop Storing Your System Prompts in the Database. Here’s Why.

We’ve all been in that architectural planning meeting. You’re building a new LLM-powered feature, and someone inevitably suggests: “Let’s…

Mar 30

Stop Storing Your System Prompts in the Database. Here’s Why.

Mar 30

The Death of the Password — Why Passkeys Will Dominate 2026

The credential is the vulnerability. Until we eliminate the shared secret entirely, no amount of complexity policy, rotation schedule, or…

Mar 26

The Death of the Password — Why Passkeys Will Dominate 2026

Mar 26

Agentic AI as an OT Attacker: How Autonomous Agents Will Break Industrial Networks

The industrial control systems securing your power grid, water treatment plant, and manufacturing floor were not designed to defend against…

Mar 26

Agentic AI as an OT Attacker: How Autonomous Agents Will Break Industrial Networks

Mar 26

The Vendor Access Problem: Why Third-Party RDP Is the Biggest OT Security Risk You’re Ignoring

Unauthorized external access accounts for half of all OT incidents. Here is what attackers actually do with vendor connections — and how to…

Mar 19

The Vendor Access Problem: Why Third-Party RDP Is the Biggest OT Security Risk You’re Ignoring

Mar 19

Securing AI Agents in the Enterprise: A Three-Tier Control Framework

From sandbox isolation to kill switches — the technical controls that actually matter when AI agents can act autonomously

Mar 19

Securing AI Agents in the Enterprise: A Three-Tier Control Framework

Mar 19

Anatomy of OT Devices in the Electric Power Sector: Every Device, Every Risk

A technical deep-dive for security engineers, operations staff, and risk managers in power grid environments

Mar 17

Mar 17

Hunting Threats in OT Environments Using Only Built-In System Commands — No Tools Required

How to detect Living-off-the-Land attacks in ICS/SCADA networks using native Windows and network commands already present on every…

Mar 16

Hunting Threats in OT Environments Using Only Built-In System Commands — No Tools Required

Mar 16

The Lethal Trifecta: How Indirect Prompt Injection Is Breaking Agentic AI — and What Security…

A deep-dive into the most dangerous emerging attack class of 2026: indirect prompt injection against AI agent ecosystems

Mar 16

The Lethal Trifecta: How Indirect Prompt Injection Is Breaking Agentic AI — and What Security…

Mar 16

MrDuc

MrDuc

OT/ICS Security Engineer at critical infrastructure. Researching AI agent security, prompt injection & industrial protocol vulnerabilities. Bug bounty hunter.

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech