Systemic Approach to AI Vulnerability Coordination Reveals Patch Bottlenecks
New @LutaSecurity blog: AI Vulnerability Coordination at Vulnapalooza — First ##Mythos Encore. @AnthropicAI 's 1st Glasswing update surfaces bottlenecks in patch creation & deployment. Read about a systemic maturity approach to vulnerability coordination https://t.co/aNLoFCPNWH https://t.co/Tj4S0PeFX8
CISA Pushes 3‑day Patch Deadline Amid AI Defense Gaps
“Patch the KEVs faster” still isn’t taking a scalable, targeted, realistic approach to the #Mythos #AI era, for gov or private sector. AI defense has not yet produced an autonomous, safe answer to meet the AI offense moment.
Exploring AI Mythos and Cyber Vulnerability Evolution at Oxford
Thrilled to be heading to @UniofOxford @blavatnikschool to have some interesting conversations with Ciaran Martin on #AI #Mythos & the evolution of vulnerability discovery, disclosure, & military defense & offense cyber capability proliferation
Practical Optimism Amid AI Hype and Fear
#Mythos & the new #AI models got you scared? I shared some practical advice & optimism in this otherwise dire disaster prediction fest in my comments to @yaelwrites for @verge
AI's Collective Roots Demand Shared Prosperity and UBI
#AI was built on all our labor. Every word, image, idea came from us. Its gains belong to everyone, not just a few. I signed the AI Pledge for Humanity, committing 2% of my income to Income to Support All Foundation...
AI only Reports Real Bugs; Scaling Triage Is Temporary Fix
AI is not going to flood you with real vuln reports unless you have a ton of real vulns. Adding resources to a vuln disclosure process to keep up with triage & bug fixing is a temporary investment at the loud...
Why Anthropic’s Glasswing Beats OpenAI’s Trusted Cyber
Want to know which throttled release of the latest #AI models I think is best and why? Read my opinion on @AnthropicAI ‘s Project #Glasswing #Mythos private release vs @OpenAI ‘s Trusted Cyber Program application & vetting process. https://t.co/pno0H4O75R
Basic Cyber Hygiene Beats AI Security Risks
What can regular people do about all the security findings of the latest AI models? My comments to Nicole Nguyen for @WSJ Our usual advice, but seriously, now more than ever: Keep software up to date Use long unique passwords Use a password manager Use...
OpenAI Refuses Central Control, Empowers Verified Defenders
#OpenAI shots fired “We don’t think it’s practical or appropriate to centrally decide who gets to defend themselves. Instead, we aim to enable as many legitimate defenders as possible, with access grounded in verification, trust signals, & accountability.” https://t.co/KM1Vr7Idej
Open‑source AI Tool Detects Real Bugs Automatically
Open sourced simple AI model that finds real bugs, from the folks at @Aisle_Inc . Is it getting hot in here? 🔥
Survive the AI Vulnerability Festival: Your Vulnapalooza Guide
Everyone's worried about the Vulnpocalypse, vulnmageddon, vulnerability storm brought on by #AI like #Mythos, but what if we treated this like a music festival? We all have tickets to Vulnapalooza. Here's your festival survival guide. https://t.co/9EYqmueCPf
LutaSecurity Cuts Zoom Bug Cases 37% in 10 Weeks
When the pandemic lockdown hit & @Zoom surged in popularity, so did its #bugbounty program — much like many organizations are facing an #AI vuln report surge today. @LutaSecurity helped flatten the curve of Zoom’s bug cases by 37% in...
Anthropic AI Guides Rapid AI Vulnerability Prep for All
Great advice from @AnthropicAI on prep for accelerated AI vulnerability discovery, including what to do if you don’t have a dedicated security team, if you’re reporting bugs you found, or are an open source maintainer. /ht @_decius_ for sending the link ...
Robust Patch Management Needed Before AI Vulnerability Crisis
The technical debt repo man is coming, especially for those that don’t have robust patch creation & management — & it’s clear we can’t keep cranking out bugs in the 1st place. Stay hydrated, ops teams, & tip your doordashers...
Mythos Flips Defender Calculus; Glasswing Leads Massive Coordination
N days, logic bugs, exploit chains defeating friction-based exploit mitigations — your time has come. @AnthropicAI #mythos changed the defender’s calculus overnight. Glad #glasswing is attempting the biggest multiparty vuln coordination of the century https://t.co/KroRUisqY8