#essay · Blog · Ayush Sharma

Dark cover with cyan glow and white title text

May 11, 20269 min read

GPT-5.5 Made the Mythos Restriction Obsolete

The AISI benchmark shows GPT-5.5 matches Mythos on offensive cyber tasks. The case for model-specific restriction got much harder to make.

#ai #security #essay #claude

Dark cover with amber glow and white title text

May 11, 20269 min read

Project Glasswing and the Open-Weights Problem

Anthropic locked Claude Mythos behind a $100M vetted-access program. Meanwhile, DeepSeek V4 is on Hugging Face for anyone to download. The policy and the threat model point in different directions.

#ai #security #essay

Dark cover with orange glow and Copy Fail post title

May 5, 20269 min read

Copy Fail: Nine Years in the Kernel, Zero Traces on Disk

CVE-2026-31431 lets any local user gain root with 732 bytes of Python. The on-disk file never changes. That's not a detail. That's the whole lesson.

#security #vulnerability #linux #essay

Dark cover with a glowing red accent and the post title

May 2, 20268 min read

GitHub Got Owned by a Semicolon

CVE-2026-3854 let any authenticated user pop GitHub's backend with a single git push. The bug class is older than I am. So why does it keep working?

#security #vulnerability #github #essay

Abstract dark gradient with a vertical blue accent line

May 1, 202610 min read

Claude 4.7 and the End of Prompt Engineering as We Knew It

The era of bag-of-tricks prompts is closing. The new bottleneck isn't writing the perfect sentence. It's engineering the right context. Notes from a year of building with agentic models.

#ai #claude #agents #essay

May 11, 20269 min read

GPT-5.5 Made the Mythos Restriction Obsolete

The AISI benchmark shows GPT-5.5 matches Mythos on offensive cyber tasks. The case for model-specific restriction got much harder to make.

#ai #security #essay #claude

May 11, 20269 min read

Project Glasswing and the Open-Weights Problem

Anthropic locked Claude Mythos behind a $100M vetted-access program. Meanwhile, DeepSeek V4 is on Hugging Face for anyone to download. The policy and the threat model point in different directions.

#ai #security #essay

May 5, 20269 min read

Copy Fail: Nine Years in the Kernel, Zero Traces on Disk

CVE-2026-31431 lets any local user gain root with 732 bytes of Python. The on-disk file never changes. That's not a detail. That's the whole lesson.

#security #vulnerability #linux #essay

May 2, 20268 min read

GitHub Got Owned by a Semicolon

CVE-2026-3854 let any authenticated user pop GitHub's backend with a single git push. The bug class is older than I am. So why does it keep working?

#security #vulnerability #github #essay

May 1, 202610 min read

Claude 4.7 and the End of Prompt Engineering as We Knew It

The era of bag-of-tricks prompts is closing. The new bottleneck isn't writing the perfect sentence. It's engineering the right context. Notes from a year of building with agentic models.

#ai #claude #agents #essay