intermediate
- When AI Stops Being a Tool and Becomes an Attack Surface
When AI becomes an attack surface: prompt injection, end-to-end attack chains, at-risk architectures, and defensive actions.
- Device Code Phishing + Vishing: How Attackers Compromise Microsoft Entra Accounts Using Legit Login Pages
Device code phishing combined with vishing targeting Microsoft Entra: how the OAuth flow gets abused, what to monitor, and how to mitigate.
- The State of the Art in AI Agents (2026): What ‘Modern’ Actually Means
A practical overview of modern AI agent systems: tool use, retrieval, memory, verification, multi-agent patterns, evaluation, and security.
- Separation of Responsibilities in Spring-Based Systems: What Kotlin Makes Explicit
How Kotlin's type system sharpens responsibility boundaries in Spring-style architectures without replacing architectural discipline.
- The Skills Required to Truly Learn
A reflective essay on learning as disciplined endurance of uncertainty, revision, and silence.
- The Cost of Abstraction: When Layers Hide Security and Reliability Risks
Argues that abstraction layers can obscure failure modes, shift risk across boundaries, and weaken assurance unless their assumptions are made explicit.
- Why Traditional Threat Modeling Breaks Down in Generative AI Systems
Probabilistic behavior, distributional risk, and system composability invalidate core assumptions of classical threat modeling for generative AI.
- Why Most Postmortems Miss the Real Failure Mode
Postmortems often substitute proximate triggers for causal structure, obscuring system dynamics and latent conditions that drive failure.