Mastodawn

Oh look. You can use #AI to create a nonsense bait and click loop to get paid.

https://www.justice.gov/usao-sdny/pr/north-carolina-man-pleads-guilty-music-streaming-fraud-aided-artificial-intelligence-0

Gary McGraw 3d ago

“They’re not really kind of standing back from these things and actually really taking an appropriate risk assessment. If you put a junior intern on this stuff, you would never give that junior intern access to all of your critical severity one HR data,”. #MLsec #AI #ML

And this is just one agent. Lol

https://www.theguardian.com/technology/2026/mar/20/meta-ai-agents-instruction-causes-large-sensitive-data-leak-to-employees

Meta AI agent’s instruction causes large sensitive data leak to employees

Artificial intelligence agent instructed engineer to take actions that exposed user and company data internally

The Guardian

Gary McGraw 4d ago

BIML's first Whitebox Summit #MLsec #ML #AI #infosec #security

https://berryvilleiml.com/2026/03/20/why-whitebox-machine-learning-matters/

Why Whitebox Machine Learning Matters | BIML

Imagine that you are trying to practice good security engineering at the system level when one of your essential compone

Berryville Institute of Machine Learning

Gary McGraw 4d ago

Whitebox #AI security summit witjh Starseer and Realm Labs. Get inside the neural network and see what's going on. #MLsec #ML #infosec #security

Gary McGraw 5d ago

BIML interacts with other major #MLsec lab regularly. Neil Daswani runs a Stanford research group on #MLsec where BIML will present next week.

Gary McGraw 5d ago

This nicely balanced article by @cademetz is only the tiniest tip of the iceberg. The security issues surrounding control of one agent get much more complicated when a swarm of agents (say 10,000 or even 1,000,000) is what you must consider. Time for #MLsec to face the future...not look back to adapt spent solutions.

#ML #AI #AgenticAI

https://www.nytimes.com/2026/03/19/technology/ai-agents-uses.html?unlocked_article_code=1.UVA.L8Pk.hlPQ4ekR49lC&smid=nytcore-android-share

A.I. Bots Can Act as Personal Digital Assistants, but There Are Serious Risks

New A.I. bots can do more than just chat. They can edit files, send emails, book trips and cause trouble.

The New York Times

Gary McGraw Mar 14

Thanks again to @gadi and company for organizing [un]prompted. BIML can't wait for the next one. Looking like this Fall...

#MLsec #Ai #ML

https://berryvilleiml.com/2026/03/13/unprompted-helping-to-define-mlsec/

[un]prompted helping to define MLsec | BIML

One of our key missions at BIML is to define the future of machine learning security. [un]prompted was hugely helpful in

Berryville Institute of Machine Learning

Show thread

Gary McGraw Mar 14

A complete Silver Bullet archive (with episodes starting twenty years ago in 2006) can be found on my website.

#swsec #appsec #MLsec

https://www.garymcgraw.com/technology/silver-bullet-podcast/

Silver Bullet Podcast | Gary McGraw

The Silver Bullet Podcast with Gary McGraw features interviews with security gurus

Gary McGraw Mar 14

The Silver Bullet Security Podcast rides again. Our first relaunch episode (episode 154 for those of you counting) can be found on the BIML website.

#MLsec #swsec #appsec #ML #AI

Future episodes are already planned with Giovanni Vigna, Phil Venables, and Nicolas Papernot.

Tune in and subscribe.

https://berryvilleiml.com/podcast/

Silver Bullet Security Podcast | BIML

Welcome to the Silver Bullet Security Podcast, created and hosted by the Berryville Institute of Machine Learning,

Berryville Institute of Machine Learning

Gary McGraw Mar 13

Just for the record, this is not really #MLsec...this is using #ML for security ops. Which means...whatever. yawnzies.

https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform

How We Hacked McKinsey's AI Platform

An autonomous AI agent found a SQL injection in McKinsey's Lilli AI platform. What it extracted was worse than we expected.