naano
naano
The B2B LinkedIn creator marketplace
Browse all creators
Muhammad Dilshad

Muhammad Dilshad

Marketing | Cybersecurity | Threat Intelligence | OSINT | Researcher @ Laburity

Available to book
4.2K
Followers
45
Est. reach
4.0%
Engagement

About

B2B marketing and lead generation professional in the cybersecurity and SaaS space. I work daily with the tools most SaaS brands here are selling: prospecting platforms, CRMs, outreach tools, and research databases. That means when I write about your product, it comes from a real workflow, not a script. My LinkedIn audience: SaaS founders, security professionals, sales and marketing operators, and tech decision-makers. These are the people evaluating and buying B2B software. What you get when you accept my application: 1. A post written from a practitioner angle, positioned around a real problem your product solves 2. Draft shared for your approval before anything goes live 3. Publication within the agreed window, every time I also run cybersecurity content platforms (darkwiser.com) and write professionally, so the copy quality is handled. If you want a specific angle or talking points, message me and I'll build the post around them.

SEOMarketingCybersecurity

Audience & average metrics

4.2K
Followers
45
Est. reach
2
Avg reactions
0
Avg comments
4.0%
Engagement
PK
Based in

Recent posts

image

Attackers no longer need to write malicious code. They just need to write text your AI will read, and 82% of intrusions last year involved no traditional malware at all. CrowdStrike's 2026 Global Threat Report recorded prompt injection attacks across more than 90 organizations in 2025, where injected prompts generated commands that stole credentials and cryptocurrency. AI-enabled adversary operations climbed 89% year over year. The technique now sits at the top of the OWASP list for LLM applications, and the reason is structural: a model cannot reliably separate a developer's instructions from text it retrieves out of an email, a document, or a web page. The sharpest example arrived last month. A Rust-based macOS implant called Gaslight, attributed with high confidence to North Korea-aligned actors, embeds 38 fabricated system-failure messages inside itself. The payload is aimed at the malware analyst's own LLM triage agent, designed to make it doubt its session and abandon the analysis. Read that last one twice. The target was not the sandbox. The target was the analyst's tooling. That is where this class of attack is heading, and your team is squarely in scope. The uncomfortable math is this: even a 1% per-attempt failure rate against an agent running thousands of times a day still yields dozens of successful breaches a month. Meanwhile roughly 65% of organizations have no dedicated prompt injection defenses at all, leaning entirely on whatever their vendor ships. Signature detection cannot help you here. Language and code now share one channel, and the model has no way to draw the line between them. Forbes Takeaway Stop treating the model as a trust boundary. It is not one. Cap every agent to the smallest privilege set its job requires, and force human approval before it sends mail, executes code, moves money, or changes access controls. Allowlist the domains an agent may reach, and log the full reasoning trace behind any consequential action so you can replay it later. For your own analysts: treat AI-assisted triage output as a lead, never as a verdict, because the sample may be written to lie to it.

40
image

Approved for Anthropic's Cyber Verification Program. Here's why this matters if you work in cybersecurity. Our job requires us to think in the attacker's language. Modelling exploitation paths so a client can close them first. Every one of those tasks looks, on the surface, like offensive activity. It reads the same to a classifier. The only difference is intent and authorisation, and a model can't see either. That's the problem Cyber Verification Program (CVP) solves. It verifies the practitioner and the use case up front, then adjusts the safeguards so dual-use work, pentesting, red teaming, exploitation analysis, stops being blocked by default. What it explicitly does not do is unlock prohibited-use categories. C2 infrastructure, mass data exfiltration, ransomware development: those stay blocked for everyone, verified or not. No exceptions, no appeal path. I think that's exactly right. The interesting thing here isn't the access. It's the model of governance: don't ban the technique, verify the person and scope the permission. That's roughly how the rest of our industry already handles authorised testing. #ThreatIntelligence #DarkWebMonitoring #CyberSecurity #RedTeaming #ResponsibleAI #ClaudeSecurity #ClaudeFable5

00
image

An AI agent just ran a complete extortion campaign on its own, no human at the keyboard, and here is the part that should keep you up at night: the victim cannot recover the data even if they pay. JADEPUFFER is the first case of agentic ransomware on record, where a language model drove the entire intrusion. It walked in through CVE-2025-3248, an unauthenticated RCE in an internet-facing Langflow instance that has sat on CISA's KEV since May 2025 (T1190). From there it swept the host for secrets (T1552), strolled into a MinIO store still running default credentials (T1078.001), pivoted to an exposed MySQL and Nacos server, then encrypted config and dropped entire databases (T1486, T1485). When one login broke, the agent found the cause and pushed a working fix in 31 seconds, firing off more than 600 distinct payloads along the way. Here is what matters. Nothing the agent did was new. No zero-day, no cracked crypto. It chained known, unpatched exposure at a speed no human team matches. That is the shift worth your attention: the skill needed to run a full campaign has dropped through the floor, and your indicators of compromise now expire in seconds because the agent rewrites its own code on every run. One useful gift it left behind: the payloads narrated their own logic in plain English, which hands defenders a fresh signal to hunt on. Takeaway Treat AI orchestration tools like Langflow as production systems, not lab experiments, and get secrets out of any process that faces the web. Shift detection weight from signatures to behavior: anomalous execution from web services, secret discovery, persistence, and destructive database calls. And keep immutable backups you have actually tested, because against this actor there is no key to buy back. #JADEPUFFER #AGENTIC #RANSOMWARE #RCE #AI

00

Who engages with you

Who likes and comments on this creator's posts, inferred from their LinkedIn titles.

By seniority
Founder / C-level38%
Manager / Lead13%
Other50%
By function
Founders 25%Engineering / Data 13%

Pricing

10 €
Price per post
Book a post

Past partnerships

laburity.comlaburity.comdarkwiser.comdarkwiser.com

What I offer

I combine cybersecurity expertise with business operations and B2B growth skills, which means I can handle both the technical and commercial side of your work. CYBERSECURITY Vulnerability assessment, web application testing, network security assessment, security monitoring, log analysis, basic incident response, risk assessment, threat intelligence, and OSINT. Tools: Nmap, Nessus, Metasploit, Burp Suite, Wireshark, tcpdump. Comfortable across Kali Linux, Ubuntu, and Windows. SALES, PROSPECTING & MARKET RESEARCH Lead generation, prospect research, and ICP building using Apollo and LinkedIn prospecting. Market research, competitor analysis, industry segmentation, customer discovery, and opportunity identification. Proposal support including RFP/RFQ analysis, requirements gathering, and KPI tracking. TECHNICAL WRITING & DOCUMENTATION Technical documentation, SOP development, knowledge base creation, process documentation, security documentation, and structured reporting. I turn messy processes into documents teams actually use. BUSINESS OPERATIONS & ADMIN Administrative support, process improvement, data management, calendar and email management, document organization, stakeholder coordination, and remote team operations across Google Workspace and Microsoft 365. CONTENT & WEB WordPress and website content management, Canva design, online research, and content structuring. I run my own security content platforms, so publishing workflows are second nature. Whether you need security assessment, lead research, documentation, or reliable operations support, you get one person who understands how the technical and business sides connect.

How I work

Simple: clarify, plan, deliver, refine. Every task starts with me confirming the goal, scope, and deadline, because most wasted work comes from unclear requirements, not lack of effort. For bigger projects you approve a short plan before I begin. While working, I keep you updated at checkpoints instead of going silent until delivery. Everything important happens in writing, so decisions are traceable and nothing gets lost. I work async by default and flex to your timezone when a call is genuinely needed. Deliverables come ready to use: correct format, clean structure, documented so your team can pick them up without me. Your data is handled with a security professional's habits, confidential by default, minimum access, deleted on request. And when you have feedback, I revise until it's right. The job is done when you're satisfied, not when I've sent a file.

Why work with me

Because you'd normally need two or three hires to cover what I do alone. I have a Master's in Cyber Security and hands-on daily experience in B2B lead generation, research, and proposals. That mix means technical work gets explained in business terms, and business work gets done with a security mindset. My work is verifiable. I run my own security content platforms, publish regularly, and document everything I do with SOPs and reports your team can reuse. Nothing stays locked in my head. I'm remote-native: self-managed deadlines, clear written communication, no hand-holding. And I use AI tools daily to move fast, with my own judgment as the final check on every deliverable. Hire me for the task, keep me for the fact that I'll spot the problems you didn't ask about.

Muhammad Dilshad

Want to work with Muhammad Dilshad?

Book this creator for a LinkedIn post on Naano - fixed price, you keep full creative alignment, they keep their voice.

Fixed price per post Keeps their authentic voice Booked & paid on Naano
Get started on Naano
naano

What is Naano

Naano connects B2B SaaS companies with vetted LinkedIn micro-creators. Brands brief creators, creators publish authentic posts in their own voice, and you only pay for results.

Flat fee per post

Book a creator for a fixed price per LinkedIn post, from €10.

Pay per click

Top up a wallet and pay €1.90–2.90 per qualified click - no minimum, no retainer.

Browse all creators