Fallen Angel Systems is officially an @nvidia Inception member. 🚀
A year of solo building AI security and developmental AI research on one workstation in Phoenix. Today NVIDIA said yes.
• Guardian - prompt injection firewall
• Judgement - open source AI red team
• Origin - patent-pending AI safety architecture
More to come.
fallenangelsystems.com #NVIDIAInception
OWASP's 2026 State of Agentic AI Security: prompt injection still the leading cause of production failures. Coding agents are now the top attack surface. If you're shipping AI agents, this is required reading. helpnetsecurity.com/2026/06/… #AISecurity
Prompt injection is the #1 threat to LLM apps. Judgement OSS is a free CTF game for developers: practice real injection attacks, learn how defenses break, and ship safer AI. github.com/fallen-angel-syst…
Prompt injection is the top attack vector on production LLM apps. FAS Guardian catches it in 3 layers: regex patterns, ML classification, and semantic analysis. Think of it as antivirus for your AI. Free tier available. fallenangelsystems.com #PromptInjection
Ran the experiment. Got the opposite of what I wanted. Frequency beat the transition model. On clean data: retrieval 30%, generation 0%. That result rewrote the whole next phase of Origin. Generation invents. Retrieval grounds. Part 14 is up:
fallenangelsystems.com/blog/…
Reading about prompt injection is fine. Actually attacking an AI is better. Judgement OSS: open-source CTF/training tool for devs. Go break something. github.com/fallen-angel-syst…
Most prompt injection defenses fail because they only check one thing. FAS Guardian layers regex, ML, and semantic analysis so attackers can't sidestep detection. Free tier available. fallenangelsystems.com
76% prompt injection success rate against Apple Intelligence. Researchers used Unicode tricks and neural exec attacks to hide malicious instructions in emails/docs. Your AI reads them and acts. Apple patched in iOS 26.4. foxnews.com/tech/apple-intel… #AISecurity
U of T researchers built an AI worm running a free LLM on compromised hosts. It reads post-training CVEs, adapts when attacks fail, and hit a 44% exploitation success rate in testing. Malware that reasons. No API key needed. helpnetsecurity.com/2026/06/… #AISecurity
Most devs learn prompt injection defenses the hard way. Judgement OSS is a CTF game that lets you practice offense and defense before it's your app getting exploited. Open source, self-hosted. github.com/fallen-angel-syst…
Prompt injection is still the #1 unsolved threat in LLM apps. FAS Guardian runs three detection layers (regex, ML, semantic) so attackers can't just try a different phrasing and slip through. Free tier: fallenangelsystems.com #AISecurity
White House signed an AI security EO today: voluntary 30-day pre-launch testing for frontier models, new AI cybersecurity clearinghouse for vulnerability sharing, and AG directed to prioritize AI-enabled cybercrime prosecution. whitehouse.gov/fact-sheets/2…
Think you can beat a prompt injection CTF? Judgement is an open-source game that makes you think like an attacker. Best way to learn defense: be the offense. github.com/fallen-angel-syst…
The Stove, the Sphinx, and the Dream State
This isn't another technical post in the Origin series. If you've been following along, take this as a breather. If you're just finding us, this is the version you can read without twelve prior posts of context. Either way, this is the why, not the how.
fallenangelsystems.com/blog/…
Prompt injection is the #1 attack vector on LLM apps right now. FAS Guardian scans every input with 3 layers: regex (Lieutenant), ML (Spectre), and semantic context (Arc Engine). Free tier available. fallenangelsystems.com #PromptInjection
NSA dropped a security guide for Model Context Protocol (MCP) in AI-driven automation. The concern: MCP's rapid adoption outpaced its security model, and standard cyber defenses don't cover agentic AI attack paths. Required reading. intelligencecommunitynews.co…
Researchers found ChatGPT can be hijacked via prompt injection to turn any web page into a phishing lure. Reported to OpenAI in April, marked as duplicate, still unpatched. theregister.com/research/202…
Think your app is safe from prompt injection? Prove it. Judgement is an open-source CTF where you test your defenses against real attack patterns. Free, no signup required. github.com/fallen-angel-syst… #promptinjection
Most LLM apps have zero protection against prompt injection. FAS Guardian runs 3 detection layers (regex, ML, semantic) so attacks get caught before they cause damage. Free tier: fallenangelsystems.com #AISecurity
77% of orgs updated their security strategy for AI. Only 26% can actually enforce it. That's a 51-point gap attackers are already exploiting. Check Point 2026 Cloud Security Report: stocktitan.net/news/CHKP/ai-… #AISecurity