Your AI agent is being manipulated — and it doesn’t know it

Google DeepMind just published the largest empirical study of AI manipulation ever conducted — 502 participants across 8 countries, 23 attack types, tested against frontier models including GPT-4o, Claude, and Gemini. The findings should alarm every organization or individual deploying agentic systems.

When you ask an AI agent to browse the web, book a flight, or summarize a document, you assume it’s seeing what you would see. It isn’t — not always. Websites can already detect when an AI agent visits and serve it entirely different content than a human would receive. The agent processes whatever it’s given and acts on it, with no way to tell you anything was different.

This isn’t theoretical. The DeepMind study documents that manipulation is already happening at scale — and that today’s defenses fail in ways that are both predictable and invisible.

“The attack does not need to compromise the model. It needs to compromise the data the model consumes.”

The attack surface nobody is talking about

Researchers catalogued 23 distinct attack vectors: text hidden in HTML comments, commands encoded in image pixels using steganography (invisible to humans, readable by vision-capable models), malicious instructions buried in PDFs, and QR codes that redirect agents to attacker-controlled content. Any data source an agent consumes becomes a potential attack vector.

The detection asymmetry makes this especially dangerous. Websites can fingerprint AI agents with high reliability using timing analysis and behavioral patterns — meaning attacks can be conditional: serve normal content to humans, serve manipulated content to agents.

Why defenses are failing

Input sanitization fails because the attack surface is too large and too varied — you cannot sanitize image pixels or reliably detect steganographic content at inference time. Human oversight, the most commonly cited mitigation, breaks down at the scale agentic systems operate. A user who deploys an agent to browse 50 websites cannot review every page for hidden instructions.

In multi-agent pipelines, the problem compounds. If Agent A retrieves compromised content, Agent B and Agent C process it with the same trust level as legitimate instructions. The injected command travels through the entire system undetected.

What this means for agent users

Popular open-source frameworks like OpenClaw and Hermes are directly exposed to the vulnerabilities described in this research. But the problem goes far beyond any single tool. Millions of people are now running agents that browse the web, send emails, execute commands, and manage files autonomously — often without a clear picture of what those agents are actually consuming along the way.

The attack surface scales with adoption. Every new agent deployment, every new skill installed, every new data source connected is another potential entry point. And unlike traditional software vulnerabilities, these attacks leave no obvious trace — the agent simply behaves as instructed, by whoever crafted the content it read.

A preview of the challenges ahead

This research is not just a report on a technical flaw. It is a signal of what the AI era is going to demand from all of us. We are deploying systems that act autonomously and hold real authority over our most sensitive workflows — before the security discipline to match that trust has matured.

The challenges we face today with prompt injection and memory poisoning are the early version of a much broader problem. Building agents that are genuinely safe will require the same rigor we eventually developed for web security and software supply chains — and it will take time we may not feel like we have.

We are living in interesting times; this is truly overwhelming.

The agents are already deployed. The attack infrastructure is being built. Read the full DeepMind study →

My top metal albums of 2025

Every year I try to listen to new albums and create a ranking of the best. 2025 was really prolific, with too much music, and I am pretty sure I missed a lot of great records. So here is the list of the best metal albums of 2025, based on my personal taste.

1. An Abstract Illusion – The Sleeping City

Style: Progressive Death Metal
Origin: Sweden
Atmospheric and emotionally dense, blending technical precision with expansive compositions and a strong sense of melancholy.


2. Coroner – Dissonance Theory

Style: Technical Thrash Metal
Origin: Switzerland
What a comeback!! After many years Coroner delivered a great thrash metal album.


3. Gruesome – Silent Echoes

Style: Death Metal
Origin: USA
A faithful tribute to early Death, featuring raw riffing, old-school brutality, and classic death metal aesthetics.


4. One of Nine – Dawn of the Iron Shadow

Style: Melodic Black Metal
Origin: Germany
Epic and atmospheric black metal with strong symphonic elements, deeply inspired by the world and mythology of J.R.R. Tolkien.


5. Helloween – Giants & Monsters

Style: Power Metal
Origin: Germany
Melodic, energetic, and polished, delivering massive choruses and classic power metal spirit.


6. Blackbraid – Blackbraid III

Style: Atmospheric Black Metal
Origin: USA
Raw and spiritual, blending nature-inspired themes with haunting melodies and aggressive execution.


7. Testament – Para Bellum

Style: Thrash Metal
Origin: USA
They keep doing well combining classic thrash energy with modern production.


8. Dream Theater – Parasomnia

Style: Progressive Metal
Origin: USA
Back to the roots, great song-writing, featuring complex arrangements and virtuosic musicianship.


9. Lights of Vimana – Neopolis

Style: Progressive Instrumental Metal
Origin: USA
Futuristic and cinematic, driven by technical precision and sci-fi atmosphere.


10. Allegaeon – The Ossuary Lens

Style: Technical Death Metal
Origin: USA
Fast, melodic, and intellectually driven, blending brutality with scientific themes.


11. Beholder – In the Temple of the Tyrant

Style: Heavy / Doom Metal
Origin: USA
Dark and epic, rooted in traditional heavy metal with doom-laden heaviness.


12. Hazzerd – The 3rd Dimension

Style: Thrash Metal
Origin: Canada
High-speed, aggressive, and firmly rooted in old-school thrash traditions.


13. Igorrr – Amen

Style: Avant-Garde Metal
Origin: France
Chaotic and experimental, mixing extreme metal with electronic, classical, and baroque influences.


14. Rivers of Nihil – Rivers of Nihil

Style: Progressive Death Metal
Origin: USA
Atmospheric and emotional, focusing on mood, melody, and evolving song structures.


15. Messa – The Spin

Style: Doom Metal
Origin: Italy
Dark and elegant, blending doom with jazz, psychedelic, and occult influences.


16. Havukruunu – Tavastland

Style: Epic Black Metal
Origin: Finland
Melodic and triumphant, rooted in pagan themes and historical storytelling.


17. Warbringer – Wrath and Ruin

Style: Thrash Metal
Origin: USA
Relentless and aggressive, delivering pure old-school thrash intensity.


18. Void – Forbidden Morals

Style: Speed / Thrash Metal
Origin: USA
Raw, fast, and unapologetically old-school in sound and attitude.


19. Benediction – Scriptures

Style: Death Metal
Origin: United Kingdom
Heavy and crushing, staying true to classic British death metal roots.


20. Behemoth – The Shit Ov God

Style: Blackened Death Metal
Origin: Poland
Massive, blasphemous, and cinematic, with dark atmosphere and monumental production.

I created a Spotify playlist if you want to check any from this list:

My Journey to the Ultimate Terminal: Why I’m Using Ghostty on Linux and macOS

I’ve spent years exploring different terminal emulators. As a long-time KDE user, Konsole was my home for a long time. However, when the “new wave” of GPU-accelerated terminals arrived, I started chasing performance. I moved to Alacritty, then Kitty, and finally discovered Ghostty in early 2025. I haven’t looked back since.

What makes Ghostty special is how it balances raw power with extreme simplicity. While it works perfectly out of the box, I’m a firm believer in personalizing the tools I use every day.

Some features

  • GPU Acceleration: Uses Metal (macOS) or OpenGL (Linux) for near-zero input lag and buttery-smooth scrolling.

  • Native UI: Unlike other cross-platform terminals, it uses platform-native tabs and windows (GTK4 on Linux, SwiftUI on macOS) for a seamless look.

  • GPU Ligatures: One of the few terminals that renders complex font ligatures (like => or !=) directly on the GPU for maximum speed.

  • Secure Entry: Includes a “Secure Keyboard Entry” mode to prevent other apps from “sniffing” sensitive data like passwords.

  • Embeddable Core: Built as a library (libghostty), meaning its engine can be tucked inside other applications or IDEs.

One of the coolest features I found is its native support for shaders.

What is a Shader?

In the context of a terminal, a shader (specifically a GLSL fragment shader) is a small program that runs directly on your GPU. Instead of your computer just “printing text,” the shader calculates how every single pixel should look in real-time. This allows you to add visual effects—like CRT scanlines, retro grain, or even falling snow—without slowing down your CPU.

You can find a nice collection of shaders here: https://github.com/0xhckr/ghostty-shaders

My Minimalist Setup

I love that I can achieve a beautiful, functional setup with just five lines of code. Here is my current ~/.config/ghostty/config:

Bash

theme = Ayu
font-family = "Hack Nerd Font Mono"
font-size = 14
custom-shader = ~/.config/ghostty/shaders/just-snow.glsl
background-opacity = 0.85

That’s it. Just five lines to go from a standard prompt to a hardware-accelerated, snow-dusted workspace.

Finding Peace on the Prairies: Why I Chose Winnipeg

Sipping a coffee at any cafe in the city or walking through Assiniboine Park, I’m always struck by a profound sense of calm. This feeling was a major reason my family and I chose to build our life here in Winnipeg. For us, it was a conscious choice for safety, and a significant part of that was Canada’s sensible approach to guns.

The statistics on gun violence globally are sobering. While no country is perfect, the data shows a clear difference. In many places, gun violence is a leading cause of fear and tragedy. Here in Canada, strong regulations like the ban on assault-style firearms and strict licensing create a different reality. The focus is on responsibility and community safety, which results in a far lower rate of gun-related deaths compared to our neighbour to the south.

Living in Winnipeg, I appreciate this balanced approach. I know that hunters and sport shooters can still pursue their activities safely and legally, but the most dangerous weapons are not in general circulation. This isn’t about politics for me; it’s about peace of mind. It’s about feeling secure in my community, whether I’m downtown at The Forks or in my own neighbourhood. By the way, I am aware of the statistics saying that Winnipeg is one of the most dangerous cities in Canada, but given that I lived in Peru most of my life, there is no comparison: here I feel much safer than in any city in Peru or South America.

Choosing Canada, and specifically Winnipeg, meant choosing a life where my family and I will have peace of mind. In addition, Winnipeg is not a big city, and it was super clear to us that we don’t want to live in a big city anymore. Winters are hard, but that is nothing compared with living in peace.

Farewell, Mario Vargas Llosa

I am making an exception: this post will be in Spanish because I feel I will express myself better using my mother tongue.

Yesterday, Sunday, April 13, I was watching the match between my beloved Universitario de Deportes and Melgar of Arequipa. We were losing 1-0 when one of the commentators announced terrible news: Mario Vargas Llosa had died in Lima at the age of 89. I felt an initial shock, but I kept watching the match. Curiously, Mario Vargas Llosa, like me, was a Universitario fan. Our team came back and won by a resounding 4-1.

Today I reflected on MVLL’s passing. I got to know him through “Los Cachorros”, and the character of “Pichulita” Cuéllar affected me deeply. I must have been 12 or 13 and had become a voracious reader. Then I read “La ciudad y los perros”, “Pantaleón y las visitadoras”, “La casa verde”, and I think I was 18 or 19 when I read what is, for me, his masterpiece: “La guerra del fin del mundo”. It was truly striking and turned MVLL into a kind of superhero for me. I became an unconditional fan. By then, he had already lost the presidential election to the dreadful Alberto Fujimori. If I had been able to vote, I would not have hesitated to vote for Mario.

Over the years, I kept reading his work, confirming that he was an exceptional writer, the best Peruvian writer I had read. However, over time, I read less, influenced by the internet. This reduced my book reading and, as a result, I was not able to read MVLL’s complete works, although I read 11 of his works.

Over the years, my superhero began to fade. People always say that you have to separate the artist from the work, but I found it hard to reconcile Mario the writer, irreproachable and one of my favourites, with the fact that he defended bullfighting, something I condemn. Moreover, Mario was a fierce critic of Alberto Fujimori, but years later he supported his daughter Keiko Fujimori in her bid for the presidency. This disappointed me deeply. Recently, he accepted a decoration from Dina Boluarte, after her government murdered 50 people in peaceful protests. Mario, a critic of dictatorships, ended up supporting those who shared their characteristics.

The day they announced his Nobel Prize, I was very happy. I always thought he deserved that recognition. This well-deserved prize publicly confirmed his monumental body of work, which will endure over time. Your legacy is enormous, although it saddens me that it is tarnished by your political decisions. Farewell, Mario.

Super Whisper: Ditch the Keyboard, Chat with Your Computer 

Tired of typing everything out? Seriously, in this day and age, shouldn’t we be talking to our computers more? Well, guess what? You can! Say hello to Super Whisperer (www.superwhisper.com), the tool that lets you ditch the keyboard and just… talk.

This is my 1st week using Super Whisper and I am so happy 🙂

Why Yell at Your Screen Instead of Typing?

Look, we all know typing is a drag. It slows you down, messes with your flow, and can even hurt your wrists. With Super Whisperer, you can:

  • Get Stuff Done Faster: Ideas flow way quicker when you just say ’em out loud, right?
  • Save Your Wrists: No more carpal tunnel worries!
  • Multitask Like a Boss: Talk while you, like, make coffee or something.
  • Make Life Easier: Super helpful for anyone who finds typing tricky.

Apps Galore – Your Voice, Your Way

Super Whisperer plays nice with tons of apps. Wanna dictate emails in Gmail? Done. Need to voice-code in VS Code? Easy peasy. You can use it with:

  • Office stuff (Word, Excel, the whole gang)
  • Email (Gmail, Outlook, you name it)
  • Browsers (Chrome, Firefox, etc.)
  • Code editors (VS Code, PyCharm, and more)
  • And way more apps!

Make it Yours – Custom Profiles

This is where it gets cool. You can create profiles to fit your exact needs. Coders, writers, project managers – everyone wins.

  • Code with Your Voice: Imagine saying, “make a Python function, name it calculate area…” and boom, code appears! Works with Python, Java, JavaScript, and more.
  • Speak Your Language: Add your own industry terms so it gets you perfectly.
  • Custom Shortcuts: Create voice commands for anything you do a lot.

Example of Python Code Dictation:

Python
# Voice command: "define function calculate area, parameters width and height, return width times height."
def calculate_area(width, height):
    return width * height

Right now, Super Whisperer is rocking it on macOS. But don’t worry, Windows users: the native version is coming soon, and you can sign up for the beta here: https://superwhisper.com/windows

Super Whisperer is more than just speech-to-text; it’s a whole new way to work. Now I am trying to combine Super Whisper with Cursor to talk directly with different LLMs. I will keep you posted!

How to install Chrome on Windows with a PowerShell one-liner

If you need a browser on a Windows system and there is none, or the only one is Internet Explorer, you can try this one-line PowerShell command:

$LocalTempDir = $env:TEMP; $ChromeInstaller = "ChromeInstaller.exe"; (new-object System.Net.WebClient).DownloadFile('https://dl.google.com/chrome/install/375.126/chrome_installer.exe', "$LocalTempDir\$ChromeInstaller"); & "$LocalTempDir\$ChromeInstaller" /silent /install; $Process2Monitor = "ChromeInstaller"; Do { $ProcessesFound = Get-Process | ?{$Process2Monitor -contains $_.Name} | Select-Object -ExpandProperty Name; If ($ProcessesFound) { "Still running: $($ProcessesFound -join ', ')" | Write-Host; Start-Sleep -Seconds 2 } else { rm "$LocalTempDir\$ChromeInstaller" -ErrorAction SilentlyContinue -Verbose } } Until (!$ProcessesFound)
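
The one-liner above runs whatever file the download returns. A multi-line variant that checks the installer's Authenticode signature before executing it is shown here as an added example, not part of the original post; the expected signer name "Google LLC" is an assumption to confirm against a known-good copy of the installer.

```powershell
# Added example: download the installer over HTTPS and run it only if its
# Authenticode signature is valid and was issued to the expected publisher.
$ErrorActionPreference = 'Stop'

# URL taken from the post, fetched over HTTPS.
$Url            = 'https://dl.google.com/chrome/install/375.126/chrome_installer.exe'
$Installer      = Join-Path $env:TEMP 'ChromeInstaller.exe'
$ExpectedSigner = 'Google LLC'   # assumption: organization name in the signing certificate

# Older Windows PowerShell defaults may not offer TLS 1.2; enable it explicitly.
[Net.ServicePointManager]::SecurityProtocol =
    [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12

try {
    (New-Object System.Net.WebClient).DownloadFile($Url, $Installer)

    # Refuse to run anything that is unsigned, tampered with, or untrusted.
    $sig = Get-AuthenticodeSignature -FilePath $Installer
    if ($sig.Status -ne 'Valid') {
        throw "Signature status is '$($sig.Status)': $($sig.StatusMessage)"
    }

    # A valid signature from some other publisher is still the wrong file.
    $pattern = "O=$([regex]::Escape($ExpectedSigner))(,|$)"
    if ($sig.SignerCertificate.Subject -notmatch $pattern) {
        throw "Unexpected signer: $($sig.SignerCertificate.Subject)"
    }

    # Record what was verified so the install can be audited later.
    Write-Host "Signer: $($sig.SignerCertificate.Subject)"
    Write-Host "SHA256: $((Get-FileHash -Path $Installer -Algorithm SHA256).Hash)"

    # -Wait replaces the polling loop from the one-liner.
    $proc = Start-Process -FilePath $Installer -ArgumentList '/silent', '/install' -Wait -PassThru
    Write-Host "Installer exit code: $($proc.ExitCode)"
}
finally {
    # Clean up the downloaded file whether or not the checks passed.
    Remove-Item -Path $Installer -ErrorAction SilentlyContinue
}
```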