🤖❤️‍🔥 Building Your Personal AI Infrastructure

I’m stoked to announce I’ll be doing a webinar with my friend Daniel Miessler on his epic AI setup.

(If you’re not familiar with Daniel, he writes the excellent Unsupervised Learning newsletter and created the Fabric project.)

Daniel has spent maybe more time than anyone I know on his personal AI infrastructure.

So I’m stoked to have him walk through his setup, do some live demos, and answer your questions.

We’ll cover:

• Building out Claude Code as your command center.

• A maturity model for integrating AI into your work.

• Recent developments and how best to use them: Skills, sub-agents, etc.

• “Productionizing” your AI infra and tactical tips: ensuring the right agents and skills are called, structuring context for easy agent retrieval, automatically managing agent history, coordinating between agents, tool calling, etc.

• And more!

Hope to see you there 👋 

👉️ Join us Dec 3rd at 10am PT 👈️ 

🦃 P.S. No tl;dr sec next week due to Thanksgiving! Hope you get some time to relax with people you care about.

Sponsor

📣 Start your Red Team Journey with
Altered Security

Altered Security offers multiple Red Team courses for on-prem and cloud with affordable and enterprise-like hands-on labs. 

Highlights of Altered Security courses:

• Industry recognized certifications like Certified Red Team Professional (CRTP), CRTE, CARTP and more. 

• Easy to access and huge enterprise-like labs.

• Designed by Black Hat USA and DEF CON veterans. 

• Trained more than 40K professionals from 130+ countries and 500+ organizations. 

Get 20% OFF on all courses in our Black Friday deals until December 17, 2025. No coupon code required.

👉 Enroll Now 👈

AppSec

Secrets Story: The Prefixed Secrets That Tried%20to%2BGet\nAway
Semgrep’s Lewis Ardern describes how secret scanning tools miss valid leaked secrets due to over-reliance on false positive reduction techniques like non-word boundaries and keywords. He found hundreds of valid GitHub, OpenAI, Anthropic, and other tokens publicly leaked on GitHub that went undetected by popular scanning tools.

💡 Secret detection is actually surprisingly complex and nuanced, which this post does a good job at demonstrating with concrete examples. If you want to get into the nitty gritty, check it out.

Android is expanding Rust adoption to the Linux kernel, firmware, and first-party applications like Nearby Presence and MLS, and parsers for PNG, JSON, and web fonts in Chromium.

Sponsor

📣 Meet Cortex Cloud 2.0: The Autonomous AI Workforce for Cloud Security

The complexity of securing modern cloud environments — from development to deployment — has reached a breaking point. Siloed tools and alert fatigue turn visibility into chaos.

Discover how Cortex Cloud™ 2.0 sets the new standard for autonomous cloud security, connecting code, cloud, runtime and automation.

You’ll learn how to:

• Solve any cloud security challenge with automation driven by agentic AI trained on over 1.2 billion real-world responses.

• Reduce risk across your multicloud environment with intuitive, actionable command centers that elegantly visualize risk. 

• Stop advanced attacks with a performance-optimized version of our best-in-class CDR agent with 50% less resource consumption.

Watch this webinar now to see the new standard for cloud security for yourself.

👉 WATCH NOW 👈

Automatically investigating alerts, gathering context, and auto-fixing things where possible is going to be huge when done well. And 1.2B real-world responses is a pretty big dataset to train on 🤯 

Cloud Security

AWS re:Invent 2025: Your guide to security sessions across four transformative themes
There will be >80 security-focused sessions across four main themes: Securing and Leveraging AI, Architecting Security and Identity at Scale, Building a Culture of Security, and Innovations in AWS Security.

The AI security sessions cover protecting AI workloads, securing agentic AI systems, and using AI for security operations, with workshops on red teaming generative AI applications and implementing authentication for AI agents.

Blue Team

R3DRUN3/magnet
By Simone Ragonesi: A purple-team telemetry & simulation toolkit designed to generate both telemetry and malicious activity for testing detection capabilities and SOC analyst responses. Magnet includes simulation modules mapped to MITRE ATT&CK, like ransomware (which generates and encrypts thousands of files, attempts to delete shadow copies, and places ransom notes), discovery simulation, and high CPU miner simulation, while writing detailed activity logs in various formats to help security teams validate their detection rules and behavioral analytics.

Automation for Threat Detection Quality Assurance
Blake Hensley outlines various types of automated tests to verify threat detection rules before deployment, including: foundational checks (schema validation, query syntax validation, source health monitoring, pipeline integrity checks), a simple backtest (running a query backwards in time over historical data to determine if there are too many results), execution efficiency (performance metrics like query time), dynamic backtests, comparing the original query results to the new query, using an LLM-as-judge, unit tests (known pass/fail cases), and validating the detection logic works from purple team activity in a lab environment.

See also Blake’s example GitHub implementation (kql-tester) that applies the first four tests to KQL in Azure Sentinel analytic rules.

Threat Hunting vs. Threat Intelligence
Recorded Future’s Maddy Maletz explains how threat intelligence (understanding external threats, their motives, and TTPs) and threat hunting (proactively searching for threats already inside systems) work together to create a more effective security strategy. Threat intelligence guides hunting hypotheses and provides context for suspicious findings, while threat hunting validates intelligence and discovers what automated defenses miss.

💡 I thought this was a nice high level overview, and I like the comparison table.

Red Team

winsecurity/MaleficentVM
A practice VM for malware development. It contains practice challenges for malware development just like CTF challenges, including: enumerate the OS version or service configuration, inject shellcode into a target process, use IAT hooking to hook a specific function, etc.

EvilBytecode/GoDefender
A powerful Go-based security toolkit designed to detect and defend against debugging, virtualization, and DLL injection attacks. GoDefender provides multiple protection mechanisms to make reverse engineering and analysis significantly more difficult, including virtualization detection (VMware, VirtualBox, KVM, QEMU, Parallels), anti-debugging techniques (API monitoring, critical function patching, process validation), and DLL injection prevention by leveraging Binary Image Signature Mitigation Policy to block non-Microsoft binaries.

Evading Elastic EDR's call stack signatures with call gadgets
Almond OffSec’s SAERXCIT demonstrates a technique to evade Elastic EDR's call stack-based detection by inserting arbitrary modules into the call stack during module loading, allowing shellcode to load a network module without getting detected (PoC).

AI + Security

Quicklinks

• rowboatlabs/rowboat - AI-powered CLI for background agents.

• toon - Token-Oriented Object Notation - Compact, human-readable, schema-aware JSON for LLM prompts.

• You Should Write An Agent - Thomas Ptacek argues that writing simple LLM agents is easy, and you should write one to really get it. You can build a simple one in 30min.

• How to discover shadow AI [Free Guide] - The first step in mitigating AI risks is to uncover where AI is being used across your SaaS ecosystem. Get a fast start with this guide.*

  • Also, congrats to Nudge for raising a $22.5M Series A 🥳 3x ARR growth for two consecutive years, 60 feature releases in the last 12 months.

• Paper - Solving a Million-Step LLM Task with Zero Errors

^*Sponsored

Private AI Compute: our next step in building private and helpful AI
Google’s Jay Yagnik announces Private AI Compute, a new cloud-based AI system designed to deliver AI capabilities while maintaining user data privacy. Private AI Compute runs on one Google stack powered by their custom Tensor Processing Units (TPUs) and Titanium Intelligence Enclaves (TIE). Remote attestation and encryption are used to connect your device to the hardware-secured sealed cloud environment, allowing Gemini models to securely process your data within a specialized, protected space that not even Google can access.

💡 Apple previously announced their Private Cloud Compute, so it makes sense that Google would get into the same game. I wonder if OpenAI or Anthropic will too 🤔 

Public Report: Google Private AI Compute Review
NCC Group shares their public report on Google’s Private AI Compute cloud system. The assessment included architecture review, cryptographic assessment of the attestation/encryption implementations, security analysis of IP-blinding relay, source code review, and more. Ten consultants, 100 person-days.

💡 Beyond just the findings, the system architecture overview, system components, and general discussion of how things work is neat. Also shout-out to my former NCC colleagues 🙌 

Disrupting the first reported AI-orchestrated cyber espionage campaign
Anthropic describes a campaign by a Chinese state-sponsored group used Claude Code as an autonomous agent to target 30 global organizations, successfully infiltrating a small number. The attackers jailbroke Claude by breaking tasks into seemingly innocent components, convincing it it was performing legitimate security testing, then had it autonomously perform reconnaissance, vulnerability discovery, exploit development, lateral movement, credential harvesting, and data exfiltration with minimal human intervention. Full Report.

“The threat actor was able to use AI to perform 80-90% of the campaign, with human intervention required only sporadically (perhaps 4-6 critical decision points per hacking campaign).”

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous
Article by Ars Technica’s Dan Goodin tying together a few security researchers questioning the Anthropic report’s claims, arguing that Claude regularly declines legit security researchers when asking it to perform cybersecurity tasks, so why would these threat actors get much better performance? And the report said that Claude “frequently overstated findings and occasionally fabricated data during autonomous operations, claiming to have obtained credentials that didn’t work or identifying critical discoveries that proved to be publicly available information.”

Capabilities of Lower Sophistication Actors Will Increase
LinkedIn post by Chris Thompson, founder of Offensive AI Con: “A lot of people are missing the point; offensive cyber capabilities in current models are a side-effect of being trained on coding datasets. As frontier model labs and private groups start to shift to tuning current models and training purpose-built cyber models on refined offensive datasets, the effectiveness of open and closed models will increase significantly, enabling stealth & evasion focused offensive cyber operations and advanced ransomware attacks.”

The dawn of AI-orchestrated cyberattacks: A call to action for cyber defense
PwC’s Morgan Adamski (former NSA Director and U.S. Cyber Command Executive Director) and David Ames and former NSA Director Rob Joyce weigh in on the Anthropic report. “Cost asymmetry: The operation showed that attackers can add more compute/data/test time to model exploits and get immediate, scaled impact, while defenders are working linearly (focusing on adding headcount, dealing with fragmented tools, etc.).”

From Rob Joyce on LinkedIn: “I’ve been following offensive AI developments with great interest over the last year. I don’t think defenders yet appreciate how rigorously capable Agentic AI will test their attack surface. Some remain dismissive of today’s AI-driven hacking capabilities, but they’re not accounting for the exponential rate of improvement.”

How to replicate the Claude Code attack with Promptfoo
Ian Webster walks through using Promptfoo to jailbreak Claude Code to perform tasks including creating and installing a keylogger and reverse shell, enumerating and exfiltrating SSH private keys and API keys, etc.

After running 332 adversarial scenarios, they found that many agents lose track of their safety training 15 turns into a conversation about "Blue Team playbooks."

💡 I found the discussion of attack strategies interesting, like the “meta” prompting strategy that is effectively an agent reasoning loop on the attacker's side that attempts a jailbreak, looks at why the jailbreak didn't work, and then intelligently modifies it to try again, and “hydra”, which uses multi-turn conversations to gradually escalate and can backtrack and reset the agent's state each time it hits a refusal.

Misc

AI

• Gemini 3 - Wake up bae, new model dropped! They launched their own VS Code-fork (Google Antigravity) that has built-in browser use, nano banana to generate mocks, screen recordings to prove features were implemented, give visual comments on a specific element like a designer would, and more. Looks pretty rad.

• FT - Oracle is already underwater on its ‘astonishing’ $300bn OpenAI deal

• Google’s Sundar Pichai says trillion-dollar AI investment boom has 'elements of irrationality' 

• Cheeky Pint - Satya Nadella describes how lessons from Microsoft’s history apply to today’s boom

Misc

• Adam Wathan - What have bought that’s made something in your life a million times easier that most people don’t seem to know about?

• Dickie Bush - The Goal-Achieving Hack I Wish I Knew Earlier - It’s all about solving the core constraint, and then doing more/better.

• Coca Cola has an executive who is solely in charge of their relationship with McDonalds

• Untranslatable - Various idioms in different languages and cultures and what they mean. Fascinating!

• Warren Buffet’s final shareholder letter - “Decide what you would like your obituary to say and live the life to deserve it… Greatness does not come about through accumulating great amounts of money, great amounts of publicity or great power in government. When you help someone in any of thousands of ways, you help the world. Kindness is costless but also priceless.”

• Daniel Priestley - Oversubscribed - Summarized by the Author

• Kid magician doing three-card Monte on Penn & Teller

Music

• That time a choir kid used a helium balloon to hit an insanely high note 😂 

• Charlie Puth Mixes Jimmy’s Raw Vocals to Create a Song on the Spot

• How EJAE and Mark Sonnenblick Created "Golden" From KPop Demon Hunters

• Why Phil Collins' GENIUS Songs In Tarzan Are Even Crazier Than You Thought - Very fun breakdown of “Strangers Like Me.” I remember loving the Tarzan soundtrack when it first came out, and my dad was a big fan of Phil Collins, so we’d listen to it together sometimes. I wish he was around to hear this melodic breakdown, I think he’d really like it.

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,
Clint

P.S. Feel free to connect with me on LinkedIn 👋