UAE Launches World's First Sovereign Financial Cloud
The UAE Central Bank just built the world's first sovereign financial cloud — AI for AML, fraud, CBDC, zero-trust access, quantum-resistant encryption. Sovereign compute is now a national infrastructure decision, not a vendor one. World's First Sovereign Cloud System for Finance to Launch in UAE https://t.co/KrEBFJwvBQ

90 Zero-Day Exploits Surge as Enterprises Become Prime Targets
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow https://t.co/AasF2pQ7kO #BreakingNews https://t.co/fzlSfxjbz0
X Bans Undisclosed AI War Clips for 90 Days
X Defunds The Deepfakes: Undisclosed AI War Clips To Face 90-Day Revenue Ban | Republic World https://t.co/hUVPj3L7Nj #war #wardeepfake #Deepfake #DeepfakeDetection #AIGeneratedContent #AISecurity #DigitalForensics #SyntheticMedia #MediaManipulation #CyberSecurityAwareness #Disinformation #Misinformation #AIEthics #AIRegulation #TrustInMedia #ContentAuthentication #OnlineSafety

AI-Driven Plant Networks Require Built-In Cybersecurity
Contributor Spotlight: Shantae Hansen (p. 34) — as AI gets embedded into MES/ERP + IIoT + plant networks, cybersecurity has to be “built-in,” not bolted on. Practical moves: segment OT/IT, least-privilege + MFA, disciplined patching and tested offline backups. #Cybersecurity https://t.co/zvLr3eVkMd
Meta Glasses Privacy Breach Threatens AR Adoption
The biggest viral AI post across all lists today. 14,000+ retweets. Meta glasses sending intimate footage to offshore contractors is exactly the privacy nightmare everyone predicted. This could kill consumer AR adoption if not addressed immediately.
Early Draft Review Uncovers Fresh Views
Complex Systems this week is a tiny experiment: I did a read of a work-in-progress essay rather than the finished version with author's commentary. It's about secondary authentication/authorization, particularly for payments.
Agentic AI: Autonomous Ops Agents Beyond Simple Alerts
Think beyond co-pilots. Agentic AI in ops means agents that observe signals, reason across security and reliability data, and take guarded actions - not just summarize alerts. #ITOps #SecOps https://t.co/e3w3lXkvfc
IRS Alerts: New Tax Scams Evolving Beyond Phishing
From phishing emails to bogus tax credits, the IRS warns that scammers keep changing tactics. Here’s what you should know about the most common tax scams now. https://t.co/0ciX8gUJKy
Regular Drills Prevent Security Skill Decay
In winter survival training they call it 'dirt time'. You need to get hands-on and practice. Skills decay if you do not practice them. The same is true in security: Tabletop exercises, incident response drills, access reviews. If you only touch...
AWS Model Privacy: Risks of Insider Access and Data Leakage
Although I’m in 🩷 with Kiro CLI and like that AWS makes a copy of the model so your data doesn’t reach the model providers, I want to know more about AWS internal access to such things, customer segregation with...
OEMs Accelerate Design, Strengthen Security for New Vehicle Architectures
OEMs are driving faster design cycles and enhanced security amid evolving vehicle architectures and compliance requirements. https://t.co/h9d6HBTGMr #automotive #automotivesecurity
Aave V4 Launches Continuous Bug Bounty via Sherlock
We propose launching the Aave V4 bug bounty program with Sherlock. Bug bounties have long been an important part of Aave’s security strategy, and the Sherlock team has demonstrated strong expertise in managing both security contests and bug bounty programs.
State-Backed Hackers Ready for Undetectable OT Attacks
State-affiliated hackers set up for critical OT attacks that operators may not detect | CSO Online https://t.co/bvLvNOk8Fn
AI Accelerates Vulnerability Fixes, Sparking Dual Optimism
Being at UnpromptedAI conference in SF this week seeing extent of using AI for vulnerability discovery and for accelerating fixes has me want to make a slight correction to this post: 1. I am short term *very* pessimistic 2. I am *even...
TikTok Denies “Controversial” Tech, Actually Uses End‑to‑end Encryption
TikTok announces that they’re not going to deploy “controversial privacy tech” that’s actually the same end-to-end encryption most other providers use to protect users’ DMs. https://t.co/INKzu9ku2z
RSAC Attendance: Join ISMG Team to Discuss AI Security Trends
RSAC is coming up. I will be there with the ISMG team. If you are attending, let’s connect. Curious what themes you expect to dominate this year. AI security? Identity? Platform consolidation?
Google’s AI‑Driven Playbook for Modern Security Threats
How Google approaches critical security topics, from fundamentals to AI https://t.co/4JCmvNxF8E < we're always learning things about new threats, new (and proven) techniques to respond with. @royalhansen takes a look here.

First Age Verification Prompt Hits Social Media Users
One for the “but age verification means *everyone* has to show their gov ID or hand over biometric data” brigade. For the first time ever, I just got an age challenge on a social media platform: https://t.co/IidAL3Czai
Aave V4 Security-First Design Detailed in Transparency Report
As part of building in public, Aave Labs is sharing our approach to smart contract security for Aave V4 with the broader DeFi community.
CIOs Must Prepare for Uncertain, High‑Impact HNDL Threat
A strategic roadmap for the post-quantum CIO | @CIOonline https://t.co/UgFtyYdqYb My take: Harvest now, decode later (HNDL) is one of the hardest threats for CIOs to prepare for. Because it’s entirely unclear how big an issue it really is. But probably...
Your AI Data Stays Private, Never Used for Training
Three topics come up continually when it comes to AI, and they all center on trust. With LeapSpace, your data remains your data. We do not use your data to train AI models. Every interaction is private, secure, encrypted and...
US Reopens Chinese Tech Data Security Scrutiny Amid Military Labels
This is a repeat of what happened in 2020 under the first Trump admin. Back when they first started exploring the TikTok ban as well. Was primarily around how Riot, Epic and others handled US user data. Ultimately...

Three‑quarters of Leaders Report Network Cyber Fraud Surge
Nearly 75% of global leaders saw someone in their network hit by cyber fraud last year. Phishing & smishing lead. With ransomware up 4x since 2021, organizations must manage third-party risk and treat cybersecurity as strategic. https://t.co/UZFhgJpvny https://t.co/RZ38Isc4tZ
AI Emerges as Budget-Friendly Cybersecurity Force Multiplier
Did a new blog @Binary_Defense called: NightBeacon: AI as a Force Multiplier in Cybersecurity We always struggle with budget and headcount. Do we finally have somewhat of a solution for our security programs? https://t.co/sBeXDGT9nx

Cyber Tools: Both Promise and Limits Against Iran's Nuclear Threat
I guess it's fitting that I spent a couple of hours this week signing 400 copies of Countdown to Zero Day for a conference -- fitting because it's a reminder, in regards to Iran's nuclear program, of both the advantages...
Mid‑Market OT: The Most Dangerous Security Gap
Great conversation with David Petrikat-AMDT We discussed why Mid-Market #OT Is the Most Dangerous Place to Be 📍Full episode here 👇 https://t.co/0zi01ZkyCg 📍📍Please read more here 👇 https://t.co/Y5Q7I09c76 #CISO #OTSecurity #CyberResilience #CEO https://t.co/7O5h944IRI

Security Duties Persist; Breach Itself Is Violation
A UK court just ruled: security duties don't disappear even if hackers can't read what they stole. The breach itself is the violation. Meanwhile, GDPR surged 220% in a single day. Privacy isn't a checkbox anymore. It's becoming infrastructure. https://t.co/uNnssaoO6P
Future Drive Success Demands Broader, Deeper Technical Knowledge
Drives are becoming more complex. And knowledge is turning into a key success factor. 🚀 Today we had an intensive exchange at GROLLMUS with Danfoss about training and future skill requirements. Marco de Jong and Mieslinger Christian joined us to...

HungerRushRMS Breach Leads to Phishing Emails, Aussie Traffic Blocked
Looks like @HungerRushRMS got pwned and the bad guys are emailing customers. Now they’re blocking website traffic (at least they are for Aussie traffic). https://t.co/lKe74m0OTc
Agentic AI Forces Unified ITOps‑SecOps for Resilience
Most orgs still treat ITOps and SecOps as separate universes, but incidents don't care about org charts. Agentic AI gives leaders a reason to redesign workflows around end-to-end resilience. #CIO #CISO #AI https://t.co/e3w3lXkvfc
MFA Remains the Easiest High‑ROI Security Win
Just about every small and mid sized business I talk to is still behind on MFA. It is still the highest ROI security control available. If you have not enforced MFA everywhere, that is the easiest win you have this quarter. Read more...

GenAI Augments Security Stack; AI Firms Target Specific Markets
Anthropic entering secure code has everyone predicting the collapse of security vendors. I think that framing is too binary. GenAI will augment nearly every layer of the security stack. That does not mean the stack disappears. The better question is: which markets do...

Exposed API Keys Cost Startup $2.5K in Fees
Claude Code reached LinkedIn We're COOKED 😱 This guy literally exposed his API keys on the front end, got exploited, charged 175 customers $500 each by mistake.. .. then burned $2.5K in Stripe fees before fixing it 😅 https://t.co/WPDCXipLSF

AI‑Cybersecurity Convergence Must Be Administration’s Top Priority
Why the convergence of AI and cybersecurity must be a top priority for the administration https://t.co/TbGhk0BYOE https://t.co/EiVI3kNYsI
Joining Code Armor Board to Accelerate Cybersecurity Innovation
Very pleased to be joining the Board at @code_armor . I’ve worked with them for a long time. What they have built and are building is a vital part of the need for speed in any modern cybersecurity program. https://t.co/v8SGWVKobB
GenAI Enables Unified Multicloud Config Standardization
Standardizing multicloud configs from a single set of requirements is finally viable. Think: genAI translating an AWS IAM role -> Azure Role Definition or a CloudFormation template -> Google Deployment Manager config. #IAM #CISO #Cloud https://t.co/vBzM21vM14

Isolate Each Kiro CLI Agent in Secure Sandboxes
Securing Kiro CLI Custom AI Agents 🤖 Configuring multiple agents to work with Kiro CLI in individual sandboxes https://t.co/Bt0CxhDK5j https://t.co/Z4WJtwDoms

Future Network Will Verify Truth, Not Trade Data
The internet never solved trust. Web2 monetised attention. Web3 monetised ownership. AI now monetises imitation. Bots everywhere. Fake identities. Zero certainty who’s real. The next trillion-dollar network won’t trade data. It’ll verify truth. That’s the layer @Humanityprot is building.
OAuth Redirect Abuse Fuels Phishing and Malware
OAuth redirection abuse enables phishing and malware delivery | Microsoft Security Blog I just wrote about this type of attack and what you should be asking about authentication processes. Modifying scopes is an authorization issue but it’s related. https://t.co/TucGqHuinb

GVisor Isolates MCP Sessions, Preventing File Deletion Attacks
"How do you prevent the agent from accidentally (or maliciously) deleting files, uploading sensitive information to untrusted services, or consuming infinite compute?" @vladkol built an open source project that uses gVisor to isolate your MCP sessions. https://t.co/yMsHQbFWRb https://t.co/j5aEAxdrJi
Cheap AI Gadgets at MWC26 Threaten Your Privacy
AI companions are everywhere at MWC26. So are red flags. Low price. Unknown brands. Zero transparency on where your data goes. The device isn’t the investment. Your privacy is. https://t.co/5vHc6cpKwi
UAE Banks Replace SMS OTPs with Biometrics, AI Security
UAE banks ditch SMS OTPs: biometrics, in-app approvals, and tighter AI governance become the new security baseline UAE banks must stop using SMS and email OTPs by end-March 2026 More UAE banks now tighten security with biometrics logins, AI fraud checks -...

Iranian Drones Strike Amazon Data Centers in Gulf
Amazon reports that its data centers in Bahrain and the UAE have been hit by Iranian drones. https://t.co/OlIkT0DOwO
Building Anonymous Credentials for Future Age Verification
New post on anonymous credentials and how to build them. All of this is in service of a longer future post on how these will fit into age verification systems. https://t.co/IqwlP9S6mv
Design for Breach: Embrace Cyber Resilience Over Security
We need to move from cybersecurity to cyber resilience. Cybercrime is scaling faster than security budgets. At this point it is safe to assume credentials are compromised and someone has been inside your environment before. If you start from the assumption of...
Trust Becomes the Bottleneck for Autonomous Enterprise Apps
“….every action will still need to be authenticated, authorized, and auditable. As intelligence becomes abundant and software becomes autonomous, trust becomes the constraint.” been amazing to watch @grinich and @WorkOS team make next gen apps and agents enterprise ready… 💥
Data's Shelf Life: Prepare for Future Quantum Threats
Do you know why this matters? Yes - Interesting right? No - Some ideas for you. 1. How your data has a "Shelf Life" - Even if a "Quantum Hack" is 10 years away, hackers are practicing "Harvest Now, Decrypt Later." 2. Y2Q...
Build Real Cloud Skills, Not Just Certificates
Want to become a cloud engineer? Stop running behind badges. Start building skills that actually matter. 1️⃣ Understand cloud cost and budgeting. 2️⃣ Learn security and IAM properly. 3️⃣ Get comfortable with automation and Infrastructure as Code. 4️⃣ And most importantly, build real problem-solving ability instead...
AI Security Teams Must Track Assets, Origins, Behavior
.@Cisco: Securing Autonomous Supply Chains https://t.co/kMD9aMu5KT @SupplyChainD "AI security teams are now being asked three questions at once: what AI assets do we have, where did they come from, and how will they behave in production as agents interact with...”...
Left Ignoring Data Privacy as AI Surveillance Bills Loom
Yes but effectively NO ONE on the left is talking about data privacy & the House is abt to go into markup on a package of 19 “child safety” bills that would enact unprecedented levels of mass AI surveillance/fully remove...