been building AI agents, breaking web apps, and writing code that scares me at 3am for a while now.
pivoting this account toward what actually excites me: security, tooling, and the weird space where AI meets hacking.
less noise, more signal. let's go.
someone used OpenAI's Assistants API as C2 infrastructure.
commands hidden in encrypted assistant descriptions.
results exfiltrated via message threads.
disguised as normal enterprise AI traffic.
the attack surface is the product.
https://t.co/BsSUUXQJgH