Dispatches. Practitioner-first cybersecurity coverage.
Independent reporting on AI security, SOC automation, identity, data and the adversarial edge. Every piece is rewritten in-house and credits every source — never a press-release copy.
Archive
Page 3 of 4-
AI Security OpenAI Opens GPT-5.4-Cyber to Thousands of Defenders as the SOC-Copilot Race Tightens
OpenAI's Trusted Access for Cyber program now extends a defender-tuned model to thousands of vetted individuals and hundreds of teams. Anthropic's Glasswing rollout a week earlier sets up a head-to-head between the two frontier vendors over which AI gets first look at the SOC.
-
Threat Intel Criminals Are Still Skeptical About AI — And That's the Real Story
A new forum-analysis study finds cybercriminals are curious about AI but full of doubts about effectiveness and operational security. The diffusion-of-innovation framing reframes the 2026 threat story from 'AI arms race' to 'early adoption, slow uptake.'
-
Code Security A Python Notebook RCE Was Weaponized in Under Ten Hours — What the Marimo Flaw Tells Us About Dev-Tool Exposure
Attackers exploited a pre-auth RCE in the Marimo notebook platform nine hours and forty-one minutes after disclosure, harvesting credentials and deploying malware routed through Hugging Face. The speed collapses the patch window for developer tooling that security teams rarely inventory.
-
Policy CSA Spins Out CSAI as a Standalone Nonprofit for Agentic AI Governance
The Cloud Security Alliance carved its AI work out into a separate 501(c)(3) foundation at RSAC 2026. The mission statement — 'Securing the Agentic Control Plane' — reframes AI security from defending models to governing the identity, authorization, and runtime of autonomous agents.
-
Threat Intel GRU's Forest Blizzard Turned 18,000 Home Routers Into a Silent OAuth Interception Layer
A GRU-linked campaign scaled OAuth token theft against government ministries by quietly rewriting DNS on thousands of end-of-life SOHO routers — no endpoint malware required. The technique bypasses MFA because it harvests tokens issued after login.
-
Vulnerabilities Microsoft's April Patch Drop: 169 Fixes, a SharePoint Zero-Day, and Windows Defender's 'BlueHammer'
April 2026 is the second-largest Patch Tuesday on record. One of the 169 CVEs is already under active exploitation in Microsoft SharePoint Server, and a publicly-disclosed Defender bug nicknamed BlueHammer rounds out an unusually dense release.
-
Policy NIST Throws the Triage Flag: CVE Enrichment Goes Selective After a 263% Submission Surge
NIST will stop enriching every CVE submitted to the National Vulnerability Database. A new prioritisation policy — live as of April 15 — covers KEV entries, EO 14028 critical software, and anything with systemic-risk potential. Everything else goes to a 'Not Scheduled' queue.
-
AI Security Anthropic's 'Glasswing' Puts an Offensive-Grade AI in the Hands of 50 Defenders — And Schneier Isn't Convinced It's a Gift
Anthropic held back its Mythos Preview model from public release and shipped it instead to roughly 50 organisations under 'Project Glasswing'. Bruce Schneier argues the defensive edge is real but temporary — and that smaller models are already closing the gap.
-
AI Agents Lab Study: Humans Treat AI Agents Like Rational Allies — And That's a Security Problem
A new controlled experiment finds people play more cooperatively against LLMs than against other humans in a strategic game. Schneier flags the finding for every team designing systems where agents and humans operate side-by-side.