Security engineer and vulnerability researcher specializing in AI systems and cloud security. BSidesSF, Black Hat invited speaker.
Lead Cloud & AI Security at Wyze Labs. Discovered vulnerabilities in Google Gemini CLI, Anthropic Claude Code, Anthropic MCP Servers, Microsoft Azure, GitHub Copilot, Vercel add-skill, Next.js, and NSA's Emissary project. Research featured in The Hacker News, The Verge, and international media.
Media Coverage
Anthropic MCP Git Server Vulnerabilities (CVE-2025-68143) - Featured in The Hacker News, Dark Reading, Infosecurity Magazine, CSO Online, InfoWorld, SiliconANGLE, and Techzine (January 2026)
Microsoft Azure NLWeb Vulnerability - The Verge exclusive interview. Subsequently featured in 30+ international outlets including PCWorld, IT Pro, Neowin, Tom’s Guide, CIO Korea, 3DNews Russia, iSpazio Italy, Dagens AI Denmark — with coverage in 10+ languages across North America, Europe, Asia, and South America (August 2025)
Upcoming Talk
Not My Vibe: When AI Coding Agents Go Off the Rails
BSidesSF 2026 • City View at Metreon, San Francisco • Mar 21, 2026
Remote Server, Local Root. Welcome to MCP.
Black Hat Asia 2026 • Singapore • Apr 24, 2026
Notable Vulnerabilities
- Path Traversal in Anthropic MCP Git Server - CVE-2026-27735 • Capability Laundering (80K Stars)
- Credential Exfiltration in Anthropic MCP Git Server - CVE-2025-68143 • Capability Laundering (80K Stars)
- Sandbox Bypass in Anthropic Claude Code - CVE-2025-66479 • Network Isolation Bypass (72K Stars)
- Command Injection in Google Gemini CLI - 4 Bypass Techniques • Google Cloud VRP, Bounty Confirmed (96K Stars)
- Current Working Directory Bypass in Google Gemini CLI - Path Restriction Bypass • Google Cloud VRP (96K Stars)
- Path Traversal in Microsoft Azure NLWeb - Featured by The Verge
- DoS in Next.js - CVE-2024-39693 • CVSS 8.7 (138K Stars)
- Terminal Hijacking in Anthropic MCP Memory Server - Security Fix PR • Capability Laundering (80K Stars)
- RCE in Microsoft OmniParser - CVE-2025-55322 (24K Stars)
- Weak Crypto in NSA Emissary Project - CVE-2025-27508 • CVSS 7.5
Past Talks
Leveraging Amazon Q CLI for Security Workflows
Amazon Invited Talk • 150+ Engineers • Aug 2025
Introduction to Amazon SP-API Guard Automated Auditing
Amazon Developer University Webinar Series • 200+ Developers • 2023
Building Secure Cloud-Native SaaS with AWS SaaS Factory
AWS Enterprise Forum • 300+ Attendees • Beijing • Aug 12, 2022
Blog Posts
CVE-2025-66479: Anthropic’s Silent Fix and the CVE That Claude Code Never Got (2025)
Three Dots to Root: How I Found a Path Traversal in Microsoft’s Agentic Web (NLWeb) (2025)
Rotate Your SP-API Credentials Using AWS (May 17, 2023)
Using Amazon Selling Partner API Guard for Security Audits to Make Your SP-API Applications More Compliant (Dec 6, 2022)
Whitepapers & Industry Impact
- CNCF, Software Supply Chain Best Practices v2, Reviewer (2024)
  Referenced by NIST SP 800-218 - Secure Software Development Framework
- Cloud Security Alliance, Managing Privileged Access in The Cloud-First World, Reviewer (2025)
- Cloud Security Alliance, Secure Agentic System Design, Reviewer (2025)
- CNCF Security TAG, Cloud Native AI Security Whitepaper, Author (In Review, 2025)
Experience
Wyze Labs - Lead Cloud & AI Security (2024 - Present)
Leading cloud and AI security across 200+ AWS accounts and 20+ GCP projects, and securing AI products such as AI Video Search and Descriptive Alerts.
Amazon - Security Solutions Architect (2020 - 2023)
Drove security compliance for 90 ISVs, launched SP-API Guard, mentored engineers, built serverless security solutions.
Cisco Webex - Software Engineer (2020)
Infrastructure provisioning and GitOps for K8s clusters, managed 100K+ VMs across cloud providers.