Gary McGraw1d ago

“They’re not really kind of standing back from these things and actually really taking an appropriate risk assessment. If you put a junior intern on this stuff, you would never give that junior intern access to all of your critical severity one HR data,”. #MLsec #AI #ML

And this is just one agent. Lol

https://www.theguardian.com/technology/2026/mar/20/meta-ai-agents-instruction-causes-large-sensitive-data-leak-to-employees

Meta AI agent’s instruction causes large sensitive data leak to employees

Artificial intelligence agent instructed engineer to take actions that exposed user and company data internally

The Guardian
Gary McGraw2d ago

BIML's first Whitebox Summit #MLsec #ML #AI #infosec #security

https://berryvilleiml.com/2026/03/20/why-whitebox-machine-learning-matters/

Why Whitebox Machine Learning Matters | BIML

Imagine that you are trying to practice good security engineering at the system level when one of your essential compone

Berryville Institute of Machine Learning
Gary McGraw2d ago
Whitebox #AI security summit witjh Starseer and Realm Labs. Get inside the neural network and see what's going on. #MLsec #ML #infosec #security
Gary McGraw3d ago
BIML interacts with other major #MLsec lab regularly. Neil Daswani runs a Stanford research group on #MLsec where BIML will present next week.
Gary McGraw3d ago

This nicely balanced article by @cademetz is only the tiniest tip of the iceberg. The security issues surrounding control of one agent get much more complicated when a swarm of agents (say 10,000 or even 1,000,000) is what you must consider. Time for #MLsec to face the future...not look back to adapt spent solutions.

#ML #AI #AgenticAI

https://www.nytimes.com/2026/03/19/technology/ai-agents-uses.html?unlocked_article_code=1.UVA.L8Pk.hlPQ4ekR49lC&smid=nytcore-android-share

A.I. Bots Can Act as Personal Digital Assistants, but There Are Serious Risks

New A.I. bots can do more than just chat. They can edit files, send emails, book trips and cause trouble.

The New York Times
Gary McGrawMar 14

Thanks again to @gadi and company for organizing [un]prompted. BIML can't wait for the next one. Looking like this Fall...

#MLsec #Ai #ML

https://berryvilleiml.com/2026/03/13/unprompted-helping-to-define-mlsec/

[un]prompted helping to define MLsec | BIML

One of our key missions at BIML is to define the future of machine learning security. [un]prompted was hugely helpful in

Berryville Institute of Machine Learning
Show threadGary McGrawMar 14

A complete Silver Bullet archive (with episodes starting twenty years ago in 2006) can be found on my website.

#swsec #appsec #MLsec

https://www.garymcgraw.com/technology/silver-bullet-podcast/

Silver Bullet Podcast | Gary McGraw

The Silver Bullet Podcast with Gary McGraw features interviews with security gurus

Gary McGrawMar 14

The Silver Bullet Security Podcast rides again. Our first relaunch episode (episode 154 for those of you counting) can be found on the BIML website.

#MLsec #swsec #appsec #ML #AI

Future episodes are already planned with Giovanni Vigna, Phil Venables, and Nicolas Papernot.

Tune in and subscribe.

https://berryvilleiml.com/podcast/

Silver Bullet Security Podcast | BIML

Welcome to the Silver Bullet Security Podcast, created and hosted by the Berryville Institute of Machine Learning,

Berryville Institute of Machine Learning
Gary McGrawMar 13

Just for the record, this is not really #MLsec...this is using #ML for security ops. Which means...whatever. yawnzies.

https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform

How We Hacked McKinsey's AI Platform

An autonomous AI agent found a SQL injection in McKinsey's Lilli AI platform. What it extracted was worse than we expected.

Gary McGrawMar 12

What is "beigification" in AI, and is it good or bad?

#AI #ML #MLsec

https://berryvilleiml.com/2026/03/12/on-beigification/

On “Beigification” | BIML

Lets face it, beige has a bad name. Maybe it was the omnipresent Docker khakis of middle management 20 years ago, or may

Berryville Institute of Machine Learning