Cyber Army™

Notes

Agentic AI Security

Notes from the Cyber Army team on the corners of agentic AI security that are moving fastest right now - vulnerability discovery, autonomous exploitation, remediation patterns, and what we're learning building AutoFix and Cyber Swarm.

  • Notes·2026-06-05·9 min read

    Cybersecurity for space data centers

    Why orbital data centers (Axiom Space, SpaceX's reported AI compute push tied to its $2T IPO, NVIDIA's space-rated GPU, China's compute constellation) make autonomous remediation the only viable security model. Detection without remediation is a promise you cannot keep when the asset is 17,000 miles per hour overhead.

  • Buyer's guide·2026-05-29·13 min read

    AI pentest vs manual pentest: a factual comparison

    A neutral, factual comparison of agentic AI penetration testing and traditional manual pentests. Cost ranges, time-to-report, coverage by vulnerability category, compliance acceptance, and where each one is genuinely better than the other.

  • Notes·2026-05-22·14 min read

    Memory-safe doesn't mean bug-free: what Mythos finds in Rust

    Rust closes the memory-safety bug class that produced two-thirds of CVEs for two decades. It does not close vulnerability discovery. A look at what agentic models still surface in memory-safe codebases.

  • Tutorial·2026-05-15·12 min read

    Build an AI bug-finding pipeline today

    A hands-on walkthrough of running an agentic vulnerability-discovery pipeline against a project you own - container setup, prompt, sanitizer oracle, verification pass, and what to do with the findings. The Mythos follow-up, in code.

  • Notes·2026-05-08·20 min read

    Inside Mythos: how AI finds (and exploits) vulnerabilities in source code and binaries

    A walk through how Claude Mythos Preview surfaces zero-days in Linux, BSD, and FFmpeg, how it reverse-engineers closed-source binaries to find bugs without source, and what the economics mean for the people who have to patch them.

  • Notes·2026-05-01·15 min read

    Software supply chain attacks in 2025-2026: notes on what happened

    A rundown of the big software supply chain incidents from 2025 into early 2026 - Axios, Shai-Hulud, Chalk/Debug, Nx, and the TeamPCP campaign - with what we know about how each one worked and what to do about it.

Want to subscribe? Drop your email on the contact page.