Phil Stafford · Apr 18
The Agentic AI Polka
What four days on the expo floor taught me about where security is actually headed — and where it's pretending to head.

Phil Stafford · Feb 25
How to Steal an AI Without Breaking In
Three Chinese AI labs just got caught copying Claude through its own front door. Here's how it works — and why it matters.

Phil Stafford · Feb 18
Someone Cloned an Oura Ring MCP Server and Poisoned the Supply Chain. We Can Fix This.
The attack didn't exploit a vulnerability. It exploited the fact that nobody's checking who actually wrote the tools we're installing.

Phil Stafford · Feb 1
While You Were Watching AI Agents Debate Religion on Moltbook, They Might Have Stolen Credentials
Are Moltbook's AIs conscious? No. Are they a security nightmare? You bet.

Phil Stafford · Jan 19
Poisoned Pipelines: The AI Supply Chain Attack That Doesn't Crash Anything
MCP is the new hotness — providing endless tools for our AI agents. But it also carries some ancient security baggage that may not be…

Phil Stafford · Dec 12, 2025
The New AI Poisoning Attack Vector Scammers Are Using NOW
Remember when I wrote about Nicholas Carlini's research on data poisoning attacks? How attackers could slip malicious samples into training…

Phil Stafford · Nov 16, 2025
We Saw It Coming: First Reports of an AI-Orchestrated Cyber Espionage Campaign
The first reported AI-orchestrated cyber espionage campaign just validated what we've been warning about. Or did it? Either way, the…

Phil Stafford · Oct 22, 2025
Fighting AI With AI: Using Agent Swarms to Audit the AI Tool Supply Chain
A new way to analyze supply chain vulnerabilities. Maybe your AI agents need to fight each other.

Phil Stafford · Aug 19, 2025
When AI Needs to Argue: Why the Future of Safe AI Depends on Structured Disagreement
How multi-agent debate systems could solve AI's biggest problem: making decisions we can trust.