
Prompt Injection Grew Up
Indirect prompt injection has moved from research demos to real CVEs in Microsoft 365 Copilot, GitHub Copilot, Cursor, and Claude connectors. A short read on where the threat actually stands now.
Security Engineering · Personal Publication
Notes for engineers who need decisions, not fear: application security, AI systems, threat modeling, and what happens when incentives meet real attackers.

Why retrieved text is not just ‘untrusted input’ but an attacker-controlled instruction channel when your model can call tools — and how to think about controls without magical safety guarantees.
Why headless-browser renderers quietly become one of the most powerful SSRF primitives in your stack, and how to think about controls before the next 'just render this URL' feature ships.
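The control most often missing before a "render this URL" feature ships is a pre-fetch check that resolves the hostname and refuses anything that is not a globally routable address. The following is an added example written for this page, not code from the linked post or from any product it names; the allowed schemes, the hostname denylist and the DNS table are constructed here so it runs offline. It also shows two ways naive checks fail: a hostname with one public and one internal record, and the numeric host shorthands (`127.1`, `2130706433`, `0x7f.1`) that browsers accept but `ipaddress` rejects.

```python
import ipaddress
import re
import socket
from urllib.parse import urlsplit

# Constructed policy for the example; a real deployment would load its own.
ALLOWED_SCHEMES = {"http", "https"}
BLOCKED_HOSTNAMES = {"localhost", "metadata.google.internal", "metadata"}


def is_public_address(ip: str) -> bool:
    """True only for globally routable unicast addresses.

    Explicit checks sit beside is_global because older Python versions report
    some special ranges (e.g. IPv4 multicast) as global, and IPv4-mapped IPv6
    (::ffff:127.0.0.1) must be judged as the IPv4 address it wraps.
    """
    addr = ipaddress.ip_address(ip.split("%", 1)[0])  # drop any IPv6 scope id
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not (
        addr.is_private        # 10/8, 172.16/12, 192.168/16, fc00::/7, ...
        or addr.is_loopback    # 127/8, ::1
        or addr.is_link_local  # 169.254/16 (cloud metadata), fe80::/10
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified
        or not addr.is_global  # also excludes 100.64/10 shared address space
    )


def default_resolver(host: str) -> list[str]:
    """System resolver; returns every address, not just the first."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def check_render_url(url: str, resolver=default_resolver) -> tuple[bool, str, list[str]]:
    """Decide whether the headless browser may fetch `url`.

    Returns (allowed, reason, resolved_ips). The caller must pin the fetch to
    `resolved_ips` (an egress proxy is the usual place); letting the browser
    resolve again reopens the DNS-rebinding window this check does not close.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed", []
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL", []
    host = parts.hostname  # lower-cased, brackets stripped from IPv6 literals
    if not host:
        return False, "missing host", []
    host = host.rstrip(".")
    if host in BLOCKED_HOSTNAMES:
        return False, f"hostname {host!r} is denylisted", []

    literal = None
    try:
        literal = ipaddress.ip_address(host)
    except ValueError:
        # Browsers accept 127.1, 2130706433 or 0x7f.1; ipaddress does not.
        # Refuse anything numeric-looking that is not a canonical literal.
        if re.fullmatch(r"[0-9.]+", host) or re.search(r"(^|\.)0x", host):
            return False, f"non-canonical IP literal {host!r}", []

    if literal is not None:
        ips = [str(literal)]
    else:
        try:
            ips = resolver(host)
        except (socket.gaierror, OSError) as exc:
            return False, f"resolution failed: {exc}", []
        if not ips:
            return False, "no addresses", []

    # Every record must be public: one public plus one internal A record is a
    # classic way past checks that only look at the first answer.
    bad = [ip for ip in ips if not is_public_address(ip)]
    if bad:
        return False, f"resolves to non-public address(es) {bad}", ips
    return True, "ok", ips


# Constructed DNS table so the example runs offline; these are not real hosts.
FAKE_DNS = {
    "docs.example.com": ["93.184.216.34"],
    "v6.example.com": ["2606:4700::1111"],
    "split.attacker.example": ["93.184.216.34", "169.254.169.254"],
    "intranet.corp.example": ["10.0.0.5"],
}


def fake_resolver(host: str) -> list[str]:
    if host not in FAKE_DNS:
        raise socket.gaierror(f"NXDOMAIN {host}")
    return FAKE_DNS[host]


if __name__ == "__main__":
    for u in ["https://docs.example.com/page", "https://split.attacker.example/",
              "http://[::ffff:127.0.0.1]/", "http://2130706433/", "file:///etc/passwd"]:
        print(u, check_render_url(u, fake_resolver))
```

The check is necessary but not sufficient on its own: redirects fetched by the browser, resources the page loads, and a second DNS answer after the check all bypass a one-time allow decision. The durable version of this control is the same policy enforced at connect time by an egress proxy the renderer cannot skip, with the browser's own network access otherwise blocked.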