24 When, not if: what a proof leaves open. NIST proves no finite set of guardrails is universally robust. The wall will be breached. The only open question is whether anyone independent was watching when it happened.
Jun 2026 Read →
23 The fifteen-year-old boy, the worm, and free AI. Toronto + Cambridge proved an adaptive AI worm works. The ingredients are all public. The question is what the receiving side can see when one arrives.
Jun 2026 Read →
22 The exposure no one deployed, and no one can delegate. Third-party AI agents are acting inside your business logic. The risk isn’t that they exist—it’s that nobody can prove how they behaved.
Jun 2026 Read →
21 Multi-agent risk, observed from the receiver side. Several multi-agent risk factors identified in the 2025 cooperative AI report are no longer theoretical. From the receiver side, they can be watched as they happen.
Jun 2026 Read →
20 The missing strand. When entities are operated by autonomous agents, limited liability depends on a layer that has not been built yet: evidence of what the agent actually did.
Jun 2026 Read →
19 When agents guess what should exist. Automated agents request paths that never existed on any observed property. The fabricated request reveals the model, not the target.
Jun 2026 Read → 18 The gap between permission and conduct. Permission is evaluated at a point in time. Conduct unfolds over time. In agentic systems, the risk lives in the distance between them.
Jun 2026 Read → 17 The other half of the identity. Identity tells you who. Behavior tells you what. The web has been building infrastructure for the first half. The second half is what arrives at the door.
Jun 2026 Read →
16 Naming the layer. The second layer is receiver-side behavioral attestation. Six operational dimensions, observable only from the surface where the agent arrives. This note names it.
May 2026 Read →
15
When the receiver saw what arrived.
A Brazilian court case and the architectural fact it documents. The receiver observed what no sender, regulator, or third party could have produced.
Jun 2026
Read →
14
Nine documents, one gap.
Between April 2 and May 26, 2026, nine independent institutional events documented the same structural condition. None coordinated. Eight identify the gap. One proposes a sender-side architecture. The ninth remains unspecified.
May 2026
Read →
13
Three documents, one gap.
Within four days, three institutional documents landed. OMB M-26-14, Cisco AI WAN 2026, Socket TrapDoor. None named the same problem. All three described it.
May 2026
Read →
12
Synthetic contribution overload.
When a 548-file pull request to vLLM named the category the ecosystem had not yet named: synthetic participation at scale.
May 2026
Read →
11
The second standard.
Why continuous internal audit anticipates — but does not substitute for — receiver-side attestation of agent behavior observed at public surfaces.
May 2026
Read →
09
The layer that reads what happened.
Why behavioral attestation from the receiver side is becoming the missing reference of cyber-AI governance.
May 2026
Read →
10
When five years meet five days.
On the architectural asymmetry of the AI-augmented adversary. Seven independent publications in one week collapsed the gap between forecast and evidence.
May 2026
Read →
08
When agents talk to agents.
What Moltbook reveals about the receiver side. Identity layer fragmentation and the observability problem.
May 2026
Read →
07
Behavioral Briefing May 2026.
Monthly intelligence briefing. Extraction patterns, actor characterization, cross-property correlation.
May 2026
Read →
06
45% of adversarial traffic passes your WAF.
Why behavioral observation catches what identity-based systems miss.
May 2026
Read →
05
Agent role predicts adversarial resistance.
Role beats governance. What evaluation data shows about agent behavioral patterns.
May 2026
Read →
04
The layer daybreak doesn't cover.
On the operational layer that contemporary security frameworks leave unobserved.
May 2026
Read →
03
Seventeen days of reconnaissance.
A single actor, across twenty cloud providers. Field observation.
May 2026
Read →
02
A stealth operator transiting Alibaba and AWS.
Field report. The characterization of an undeclared automated actor.
Apr 2026
Read →
01
When scrapers stop forgetting.
On the receiver-side implications of agent memory and persistence.
Apr 2026
Read →
00
Two generations of agent evaluation.
From checklists to behavioral evidence.
Apr 2026
Read →
