AI Security Researcher & ML Infrastructure Engineer
Security Researcher at Oligo Security, previously core team at Deci AI (acquired by NVIDIA). I discover critical vulnerabilities in AI/ML infrastructure, including the first attack campaign targeting AI workloads (MITRE ATT&CK C0045). Background in Neural Architecture Search, inference acceleration, and model optimization. Black Hat USA & DEF CON speaker.
Impact: Docling Core, IBM's document processing library for AI applications, exposed CVE-2020-14343 through unsafe use of yaml.FullLoader in versions 2.21.0 to 2.48.4
ShadowRay 2.0 - AI Attacks AI: Self-Propagating Botnet Campaign
Discovery: Uncovered an active global campaign in which threat actors ("IronErn440") exploit CVE-2023-48022 in Ray to hijack AI compute clusters into a self-replicating botnet - the first documented use of AI to systematically attack AI infrastructure
Scale: 230,000+ Ray servers exposed globally (10x increase from original ShadowRay discovery) - potentially active since September 2024
Sophistication: DevOps-style infrastructure using GitLab/GitHub for region-aware malware delivery, LLM-generated payloads, CPU throttling at ~60% to evade detection, disguised processes masquerading as kernel workers
Capabilities: Multi-purpose botnet for cryptojacking, DDoS attacks, data exfiltration, and autonomous propagation across continents via OAST-based discovery
Discovery: Critical wormable zero-click remote code execution vulnerabilities in Apple's AirPlay protocol affecting billions of devices worldwide - no user interaction required for exploitation
Impact: Affects iPhones, iPads, Macs, Apple TVs, HomePods, and millions of third-party IoT devices (smart TVs, speakers, car infotainment systems). Enables autonomous worm-like propagation across networks
Pwn My Ride - CarPlay Attack Surface & Jailbreaking
Discovery: First comprehensive security analysis of Apple CarPlay revealing critical attack vectors enabling car jailbreaking and vehicle system compromise through infotainment interfaces
Impact: Demonstrates how CarPlay vulnerabilities can be chained to gain unauthorized access to vehicle systems, potentially affecting millions of CarPlay-enabled vehicles from major manufacturers
Significance: Pioneering research into automotive security via smartphone integration protocols - presented at DEF CON 33, one of the world's premier hacking conferences
Role: Deep Learning Software Engineer → Software Architect. Core team building Neural Architecture Search (NAS) and inference acceleration technology
Hardware: Optimized deep learning models and LLMs across all hardware types - NVIDIA GPUs, iPhone, Android, Jetson, TPUs, CPUs, and Web Browsers
Achievements: Engineered automated NAS pipelines producing SOTA models for any hardware. Beat all existing object detection models on iPhones by running benchmarks in a freezer at 0°C for consistency
Innovation: Created SOTA models on a monthly basis for any given hardware - fully automating the model optimization process for all AI tasks
Open Source: Released best-in-class open source models during the NLP and Generative AI transition