how many Antigravity vulns can we chain together for a cool exploit demo 🔥 1. Invisible Unicode Tags hidden in a Linear ticket 2. Lack of human in the loop for MCP tool calls 3. Gemini 3 hijacked by the hidden instructions! 4. Bypassing guardrails for RCE 5. Developer pwnd! 💀

Will write up a blog post about it also soon to help raise awareness also.

Full Self-Driving Supervised improves US road safety by over 80%, saving lives & preventing injuries

🍪 If you have a next.js app rotate NEXTAUTH_SECRET regularly. It's all that is needed to mint valid auth cookies!

Live with @wunderwuzzi23 at #NahamCon2025!

Cool, Apple fixed some security issues in the Terminal app that I reported. 😀 🙌 https://t.co/XAHxDKR9Pr

A new way to watch UFC

Normalization of Deviance in AI in action. SUPER SUPER IMPORTANT This approach to try and secure systems is NOT normal.

Why do researchers keep finding so many prompt injection issues? Perhaps it is because many AI system designers and defenders are misunderstanding the risks.🚨 Find out more⬇️ https://t.co/j7eAFszNcl

Working on slides for NahamCon 🙌🔥

So, for instance, if used in CI/CD, attacker could call web fetch read IMDS info and leak it, etc.. scary stuff.

Another Gemini CLI issue from earlier this year fixed. 🙌 An adversary, via prompt injection, was able to invoke any tool when in non-interactive mode (eg automated workflows, CI/CD,...)

👀 🔥

Normalization of Deviance in AI That's how I call the gradual and systemic over-reliance in LLM outputs, especially with agentic systems. Treating probabilistic and possibly adversarial model outputs as if they were reliable, predictable, and safe. The model will not

Time flies!

Good news 🙌 Not Antigravity, but Gemini CLI! 🚀

🙌 Hacking one agent at a time!

Antigravity IDE update available just now. No security fixes or CVEs mentioned yet...

🫡 appreciate it

Full blog post: https://t.co/fbmN4c8phf

https://t.co/fbmN4c8phf

Will also include some of the demos in my 39c3 talk! https://t.co/ys8AdYqLsC