TIL — Quick Findings

2026 ²⁹

March ²⁹

We Mapped 8 AI Security Research Projects to OWASP, NIST, and MITRE — Here’s Where the Gaps Are

March 31, 2026 · 2 min · Rex Coleman

AI Security Research → OWASP, NIST, and MITRE Standards Mapping

March 31, 2026 · 11 min · Rex Coleman

5 AI Security Gaps That Jensen Huang, Eric Schmidt, and the OpenClaw Creator All Flagged This Month

March 29, 2026 · 6 min · Rex Coleman

Our Simulation Was Wrong by 37 Percentage Points — What Real LLM Agents Taught Us About Multi-Agent Cascade

March 20, 2026 · 5 min · Rex Coleman

Your AI Makes SQL Injection Worse: CWE-Stratified Patch Safety for LLM Code Generation

March 20, 2026 · 5 min · Rex Coleman

How Many Rewrites to Strip a Watermark? Empirical Paraphrase-Removal Curves for LLM Watermarks

March 20, 2026 · 6 min · Rex Coleman

Privilege Escalation Cascades at 98% While Domain-Aligned Attacks Are Invisible

March 20, 2026 · 5 min · Rex Coleman

Your AI Can’t Beat EPSS at Vulnerability Triage (But the Ensemble Might)

March 20, 2026 · 5 min · Rex Coleman

Why Third-Party Skills Are the Biggest Agent Attack Vector

March 20, 2026 · 5 min · Rex Coleman

We Built a Multi-Agent Defense and It Failed — Here’s Why That Matters More

March 19, 2026 · 5 min · Rex Coleman

A CFA Charterholder Built an ML Fraud Detector: Here’s What the Models Miss

March 19, 2026 · 4 min · Rex Coleman

AI Security Has a Shipping Problem

March 19, 2026 · 5 min · Rex Coleman

Apply Adversarial Control Analysis to Your ML System in 3 Steps

March 19, 2026 · 7 min · Rex Coleman

Build Your Own ML Vuln Prioritizer

March 19, 2026 · 8 min · Rex Coleman

govML Quickstart: Governed ML in 15 Minutes

March 19, 2026 · 7 min · Rex Coleman

How to Detect Backdoored ML Models Without Labeled Examples

March 19, 2026 · 9 min · Rex Coleman

How to Red-Team Your AI Agent in 1 Hour

March 19, 2026 · 9 min · Rex Coleman

I Built a PQC Migration Scanner: Here’s What Your Codebase Is Hiding

March 19, 2026 · 4 min · Rex Coleman

Prompt Injection Is Yesterday’s Threat. RL Attacks Are Next.

March 19, 2026 · 6 min · Rex Coleman

The Agent Security Gap Nobody’s Talking About: Skills Run Every Heartbeat

March 19, 2026 · 7 min · Rex Coleman

Why AI-Powered Attacks Need Architecture-Level Defense

March 19, 2026 · 6 min · Rex Coleman

How to Secure Your OpenClaw in 30 Minutes

March 17, 2026 · 8 min · Rex Coleman

Beyond Prompt Injection: RL Attacks on AI Agent Decision-Making

March 16, 2026 · 5 min · Rex Coleman

Antivirus for AI Models: Behavioral Fingerprinting Detects What Static Analysis Misses

March 16, 2026 · 6 min · Rex Coleman

I Red-Teamed AI Agents: Here’s How They Break (and How to Fix Them)

March 16, 2026 · 6 min · Rex Coleman

One Principle, Six Domains: Adversarial Control Analysis for AI Security

March 16, 2026 · 4 min · Rex Coleman

Adversarial ML on Network Intrusion Detection: What Adversarial Control Analysis Reveals

March 14, 2026 · 6 min · Rex Coleman

How I Govern AI-Assisted ML Projects

March 14, 2026 · 5 min · Rex Coleman

Why CVSS Gets It Wrong: ML-Powered Vulnerability Prioritization

March 14, 2026 · 6 min · Rex Coleman

2026 29

March 29

We Mapped 8 AI Security Research Projects to OWASP, NIST, and MITRE — Here’s Where the Gaps Are

AI Security Research → OWASP, NIST, and MITRE Standards Mapping

5 AI Security Gaps That Jensen Huang, Eric Schmidt, and the OpenClaw Creator All Flagged This Month

Our Simulation Was Wrong by 37 Percentage Points — What Real LLM Agents Taught Us About Multi-Agent Cascade

Your AI Makes SQL Injection Worse: CWE-Stratified Patch Safety for LLM Code Generation

How Many Rewrites to Strip a Watermark? Empirical Paraphrase-Removal Curves for LLM Watermarks

Privilege Escalation Cascades at 98% While Domain-Aligned Attacks Are Invisible

Your AI Can’t Beat EPSS at Vulnerability Triage (But the Ensemble Might)

Why Third-Party Skills Are the Biggest Agent Attack Vector

We Built a Multi-Agent Defense and It Failed — Here’s Why That Matters More

A CFA Charterholder Built an ML Fraud Detector: Here’s What the Models Miss

AI Security Has a Shipping Problem

Apply Adversarial Control Analysis to Your ML System in 3 Steps

Build Your Own ML Vuln Prioritizer

govML Quickstart: Governed ML in 15 Minutes

How to Detect Backdoored ML Models Without Labeled Examples

How to Red-Team Your AI Agent in 1 Hour

I Built a PQC Migration Scanner: Here’s What Your Codebase Is Hiding

Prompt Injection Is Yesterday’s Threat. RL Attacks Are Next.

The Agent Security Gap Nobody’s Talking About: Skills Run Every Heartbeat

Why AI-Powered Attacks Need Architecture-Level Defense

How to Secure Your OpenClaw in 30 Minutes

Beyond Prompt Injection: RL Attacks on AI Agent Decision-Making

Antivirus for AI Models: Behavioral Fingerprinting Detects What Static Analysis Misses

I Red-Teamed AI Agents: Here’s How They Break (and How to Fix Them)

One Principle, Six Domains: Adversarial Control Analysis for AI Security

Adversarial ML on Network Intrusion Detection: What Adversarial Control Analysis Reveals

How I Govern AI-Assisted ML Projects

Why CVSS Gets It Wrong: ML-Powered Vulnerability Prioritization

2026 ²⁹

March ²⁹