High-Confidence Wrong: AI and Insecure Code
Studies show ~45% of AI-generated code carries OWASP-class flaws. The threat isn’t exotic - it’s ordinary defaults shipped at machine speed.
Research
27 postsSummaries and analysis of studies, standards, and benchmarks that matter with AI.
The Trojan Stack: Fake AI APIs and SDKs
Malicious AI-branded SDKs, fake APIs, and extensions are the new supply chain. How they steal tokens and hurt startups - and what to watch.
Industrialized AI Intimacy Scams
Inside shift-based, AI-oiled chat factories that scale intimacy across apps and convert attention into deposits.
When a Meeting Isn’t a Meeting
Live deepfake calls blend faces, voices, and authority to move money. Arup's loss shows founders must treat meetings as attack surfaces.
The Clone On The Line
AI-cloned voices turn routine calls into urgent traps. How vishing exploits trust, scales with kits, and targets SMBs.
AI Catfishing at Scale: How SMBs Get Hooked
Catfishing has gone corporate. IMFI uses LLMs, scripts, and handoffs to mirror founders and funnel affection into theft.
When “Prove-It” Stops Proving Anything
AI makes voices, faces, and behavioral biometrics easy to counterfeit. Identity checks become theater. Assurance erodes.
AI Phishing Kits Sound Like Your Boss
AI phishing kits mimic executives, sync email, chat, and SMS, and regenerate when blocked. The scam didn't change–the scale and polish did.
Subscribe to new posts
Processing your application
Please check your inbox and click the link to confirm your subscription
There was an error sending the email