Independent Researcher at Embrace The Red
1
Talks Delivered
1
Events Spoken At
0
Countries Visited
1
Years Speaking
1
Total Talks Given
Johann Rehberger has over twenty years of experience in threat modeling, risk management, penetration testing, and red teaming. During his tenure at Microsoft, Johann established a Red Team within Azure Data and led the program as Principal Security Engineering Manager. He went on to build a Red Team at Uber, and currently serves as Red Team Director at Electronic Arts.
In addition to his industry roles, Johann is an active security researcher and a former instructor in ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK and ATLAS frameworks and is the author of "Cybersecurity Attacks - Red Team Strategies". He holds a master's degree in computer security from the University of Liverpool. You can find his latest research at embracethered.com.
Areas of Expertise
This talk shows prompt injection attacks that target agentic systems like OpenAl's Operator, Google Jules, Claude Code, Gemini CLI, Devin and others. We will expose critical vulnerabilities that threaten confidentiality,integrity, and the future of Al-driven automation, incl. RCE, exfiltration of sensitive data, and even joining a C2 (ZombAls). Additionally, we'll explore how nation state IPs, such as ClickFix apply to Computer-Use agents and can lead to full system compromise (Al ClickFix)
