Demand Thorough Evaluations Before Buying AI Security Tools
RE: Agentic security testing claims Buyer beware. Make vendors provide you evals for their claims. Describe architecture. Prove workflows. Define models and tuning. Cite data sources. Provide references and case studies. Then buy 🤗
Top Six Nations Facing Highest Cyber Crime Threats
Countries with the highest Cyber Crimes & Scams Threat Levels 1- Russia 🇷🇺 2- Ukraine 🇺🇦 3- China 🇨🇳 4- United States 🇺🇸 5- Nigeria 🇳🇬 6- Romania 🇷🇴
Nation‑states Already Using Store‑now, Decrypt‑later; Adopt PQC Now
"Store now, decrypt later" isn't a theory; it’s a nation-state strategy. If your 2026 roadmap doesn't include Post-Quantum Cryptography (PQC), you’re already behind. The 9 realities CIOs can't ignore: 🔗 https://t.co/l36K8t0jnp #RSAC2026 #PQC #QuantumComputing #CIO
Researchers Identify and Patch Critical Signal Vulnerabilities
Very good research. Finding and fixing important vulns in Signal (!), and also trying to learn how we as security engineers can prevent vulns like these going forward. Way to go, Truong, Terzo, and Paterson, and good on Signal for...
Walmart Urged to Secure Email Relay Against Phishing
Hey @walmart (or maybe @Walmarttech), could you kindly configure your email relay domain(!) so it can't send phishing emails? I get these once a week, and it's a pretty bad look. https://t.co/lerflUl2eR
Unclear if Firms Warned Apple About Stolen iPhone Hack Toolkit
We still don't know if Trenchant and L3Harris notified Apple once it learned its iPhone-hacking toolkit had been stolen/leaked. The toolkit was later used to target people in China and Ukraine. https://t.co/XBCHssnaQO https://t.co/y6g1IuwfVZ
Google Messages to Add Shield Against SMS Phishing
Google Messages may soon gain a new shield against SMS blasters A recent beta update reveals code for a dedicated protection feature to thwart localized phishing scams ✅ Details - https://t.co/lgOwSiOpRO
Evervault Secures $25M to Scale Secure Payment Encryption
ICYMI - .@Evervault raises $25M to scale its ‘secure-by-default’ approach to payment data encryption https://t.co/69Ndf6v1yM @SiliconANGLE @Mike_Wheatley “Quite simply, dealing with this is not their core business, it’s just a distraction from the real business…” - #NextGenApps https://t.co/b0LbyzoIoh
Sandboxing AI Coding Agents Prevents Unintended Data Access
AI coding agents running locally can execute commands and access files with the same permissions as the developer — raising the risk of unintended access to sensitive data. Safehouse is a macOS tool that runs agents in a sandbox to limit...
AI Agent Security Emerges as New Industry
Securing AI agents is becoming its own industry. OpenAI is acquiring cybersecurity startup Promptfoo to strengthen defenses around how AI systems behave and interact. As agents gain autonomy, protecting them may become as important as building them. https://t.co/JsM6H105Ic @cnbc @JonathanVanian
When Smart Devices Fail, Simpler Tech Wins
I spend my days around 𝗶𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝘁 𝘀𝘆𝘀𝘁𝗲𝗺𝘀. Which is exactly why my house behaves like it’s 1995. When you truly understand how “𝘀𝗺𝗮𝗿𝘁” 𝗱𝗲𝘃𝗶𝗰𝗲𝘀 𝗴𝗲𝘁 𝗵𝗮𝗰𝗸𝗲𝗱, you start appreciating 𝘃𝗲𝗿𝘆 𝗱𝘂𝗺𝗯 𝘁𝗲𝗰𝗵𝗻𝗼𝗹𝗼𝗴𝘆 again. #ai #technology
Q4 2025 Saw Surge in Critical Vulnerabilities
The fourth quarter of 2025 was real busy in terms of the number of critical vulnerabilities discovered. For more details, see our report: https://t.co/BbqufFIBtT https://t.co/uXmKR2wOi0
Chrome Extension Becomes Malicious After Ownership Transfer
Roses are red. Violets are blue. Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Legacy Breach Drives Board to Prioritize S/4HANA Upgrade
A company faced a cybersecurity breach through legacy systems, raising concerns about their current ECC software. The board was pushed towards an S/4HANA upgrade, thinking it was crucial for survival against maintenance sunsets. #SAP #Cybersecurity #DigitalTransformation https://t.co/nH8L4PewV9
Protect Processes, Not Just Data, to Avoid Agentic Sprawl
Everyone is talking about Agentic AI, but who is talking about Agentic Sprawl? If you aren't protecting the process as much as the data, your automation is a ticking time bomb. 💣 Get the reality check before #RSAC2026: 🔗 https://t.co/6PIC4o7OmO #CIO #CISO #AgenticAI...
IRS Never Requests Personal Info via Social Media
History meets modern security. Remember: the IRS will never contact you by social media or text to request personal or financial information.
Even Elaborate Spam Texts Are Still Scams
Got this spam text last night claiming I had a hearing for “toll evasion” and at first I thought wow, this feels like they put more effort than the standard phishing text but then I looked more closely and 😂
Prompt Injection Hacks Land Interview Phone Screens
lol I’ve seen these resume prompt injections work multiple times to get to phone screen
Signal Users Phished, Not Hacked: Officials' Accounts Compromised
Signal says "government officials and journalists" have had their accounts compromised via social engineering attacks (rather than any hack of its own system).
AI Era Elevates Need for Personal Data Protection
#AI-Powered Future: Why Protecting Personal #Data Online Matters More Than Ever by @SecurityTrybe #CyberSecurity #InfoSec #IT #Tech #Technology https://t.co/3qU68xpFLJ
AI Accelerates Data Flow, Making Sensitive Data Identification Harder
Great to host the cybersecurity roundtable in NYC with Cyera. Key takeaway: data security is getting dramatically harder. AI systems dramatically increase how fast data moves across systems and teams. Identifying truly sensitive data is becoming the real challenge.
Threat Actor Leverages Elastic Cloud SIEM for Stolen Data
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data https://t.co/JvGh3E1LjL https://t.co/YFBi1wO3Bx
Detect Reverse Shells with Process‑Network Monitoring Script
A Script To Monitor Application Network Connections 🔒 How would you spot a reverse shell such as was used in Lexus Nexus breach? I vibe coded this script to see parent and child processes with application paths, process names, IPs,...
AI-Driven Workflows Boost Cyber Risk; Security Platforms Poised for Growth
As AI agents begin operating across enterprise systems, cybersecurity becomes even more critical. Autonomous workflows increase API calls, expand attack surfaces, and accelerate the speed of cyber threats. Security platforms that combine AI detection, real-time telemetry, and integrated infrastructure are becoming...
This Week's Top Exploits: Qualcomm, iOS, AirSnitch, Vibe Malware
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware https://t.co/fIYq27CN68 https://t.co/fsqh6jPvJv
Shopify's Growth Fuels a Surge in Scams
Shopify's ecosystem is now mature enough to have more bad actors than any of us can stop. - Shopify app store: people clone your app. - Shopify agencies: people impersonate you. - Shopify merchants: people clone your store or use it to test...
Australia, NZ, Tonga Alert Surge in Pacific Ransomware Attacks
Australia, New Zealand, Tonga, Warn of Rising INC Ransom Attacks Targeting Pacific Networks https://t.co/7RXek7etJs https://t.co/ceSfRJQxvy
Cybersecurity Shifts Focus: Protect Data Behind Infrastructure
In Houston this week for the Cyber Security for Critical Assets Summit. Looking through the agenda, one thing stands out. The conversations are no longer just about protecting infrastructure. They are about protecting the data and systems that operate infrastructure. If you're...
AI Investment Boosts Cybersecurity Amid Market Uncertainty
Even as concern around artificial intelligence leads to market fluctuations in other sectors, cybersecurity is poised to benefit. Here's why governments and companies around the world are investing in AI as a defense mechanism: https://bit.ly/3OWDASt
Quantum Threat Drives Enterprise Shift to Post‑Quantum Crypto
Great conversation with enQase We discussed why #Quantum Threat & Post-Quantum Cryptography is becoming a top priority for enterprise #CISOs & #CTOs 📍FULL episode👇 https://t.co/QSA6g4byhP 📍Sched your mtg at #RSAC 👇 https://t.co/qQiSVb0J91 #PQC #cybersecurity #CEO https://t.co/FORk5259Nc
Advanced Protection Mode to Block Chrome WebGPU
Android's Advanced Protection Mode may soon start disabling WebGPU in chrome to protect against security threats ✅ Details & screenshot - https://t.co/c6KBB1avG2 https://t.co/XWUB3K7om6
Third‑party Integrations, Not SAP Core, Drive Breaches
Concerned about cybersecurity with your SAP system? Third-party tools, not S/4HANA, are often the real culprits in breaches. Hackers exploit vulnerabilities in integrated systems, not the core SAP software itself. #SAP #Cybersecurity #TechTips https://t.co/QTo2Og2Ct2
Agentic AI Accelerates SecOps/ITOps While Keeping Humans
Early agentic AI in SecOps nd ITOps: automated triage, narrative investigations, hypothesis-driven analysis, and faster MTTR with humans still in the loop. #AI #ITOps #SecOps https://t.co/e3w3lXkvfc
OpenClaw's Prompt Injection Defenses for Web Data Safety
Thinking about putting together a post about all the security measures I have in openclaw to protect against prompt injections. Critical if your openclaw ingests any web data, emails, etc. Would you read it?
Define Policy Once, Enforce Everywhere with GenAI
Regulated orgs should target "define policy once, enforce everywhere," with genAI helping map policy to each provider's primitives. #Cloud #CISO #CIO https://t.co/vBzM21vM14
Parenthood Turns Cyber Resilience Into Personal Responsibility
Cyber resilience feels different when you’re a parent. Security stops being abstract strategy and becomes something much more personal.
CIO Hides Risks, Board Demands Change Amid Cyber‑AI Pressures
A board was deeply concerned about cybersecurity, AI opportunities, and SAP maintenance deadlines. To mitigate these risks, a significant change was deemed necessary. However, the CIO failed to present the full scope of risks and alternatives. #Cybersecurity #AI #BusinessStrategy https://t.co/P9A0Dxq8YK
Check Your Data Exposure with Free Breach Lookup Tools
“To check if your details have appeared in any other public data breaches, there are a number of online tools that you can use, such as https://t.co/nppjjGzwdR” 😎
Proton Defends Compliance with Local Law, Sparks Backlash
People still shocked that Proton adheres to the law in the country in which they’re based 😮
Apply SRE Principles to Strengthen Security Practices
You can definitely apply SRE principles and practices to your security efforts. Here's a good post at things we do—eliminate toil, alert on symptoms, blameless postmortems, embrace gradual change—that you can do too. https://t.co/4lHNmUkQ52
AWS Secrets Manager Misuse Fueled Lexus Nexus Breach
Lexus Nexus Breach Involving AWS Secrets Manger, RDS, ECS 🔒☁️ Taking a look at the root cause of a breach on AWS, what is actually relevant, and how it may have been prevented https://t.co/Uox6A1LzE9 https://t.co/T7mTvFkZFZ
OT Cybersecurity Fails Governance, Not Just Terminology
OT cybersecurity is a governance failure masquerading as a vocabulary issue | Control Global https://t.co/ppRU4DoyMR
Enterprise Zero‑Days Hit Record High, Near 50% Share
"Both the raw number (43) and proportion (48%) of vulnerabilities impacting enterprise technologies reached all-time highs, accounting for almost 50% of total zero-days exploited in 2025." https://t.co/EP6ycYhJJd < threat landscape is changing. You ready?
UAE Launches World's First Sovereign Financial Cloud
The UAE Central Bank just built the world's first sovereign financial cloud — AI for AML, fraud, CBDC, zero-trust access, quantum-resistant encryption. Sovereign compute is now a national infrastructure decision, not a vendor one. World's First Sovereign Cloud System for Finance...
90 Zero-Day Exploits Surge as Enterprises Become Prime Targets
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow https://t.co/AasF2pQ7kO #BreakingNews https://t.co/fzlSfxjbz0
X Bans Undisclosed AI War Clips for 90 Days
X Defunds The Deepfakes: Undisclosed AI War Clips To Face 90-Day Revenue Ban | Republic World https://t.co/hUVPj3L7Nj #war #wardeepfake #Deepfake #DeepfakeDetection #AIGeneratedContent #AISecurity #DigitalForensics #SyntheticMedia #MediaManipulation #CyberSecurityAwareness #Disinformation #Misinformation #AIEthics #AIRegulation #TrustInMedia #ContentAuthentication #OnlineSafety
AI-Driven Plant Networks Require Built-In Cybersecurity
Contributor Spotlight: Shantae Hansen (p. 34) — as AI gets embedded into MES/ERP + IIoT + plant networks, cybersecurity has to be “built-in,” not bolted on. Practical moves: segment OT/IT, least-privilege + MFA, disciplined patching and tested offline backups. #Cybersecurity https://t.co/zvLr3eVkMd
Meta Glasses Privacy Breach Threatens AR Adoption
The biggest viral AI post across all lists today. 14,000+ retweets. Meta glasses sending intimate footage to offshore contractors is exactly the privacy nightmare everyone predicted. This could kill consumer AR adoption if not addressed immediately.
Early Draft Review Uncovers Fresh Views
Complex Systems this week is a tiny experiment: I did a read of a work-in-progress essay rather than the finished version with author's commentary. It's about secondary authentication/authorization, particularly for payments.
Agentic AI: Autonomous Ops Agents Beyond Simple Alerts
Think beyond co-pilots. Agentic AI in ops means agents that observe signals, reason across security and reliability data, and take guarded actions - not just summarize alerts. #ITOps #SecOps https://t.co/e3w3lXkvfc