All topics
This week we dig deep into the Vercel intrusion that emerged last weekend, how it happened, what the response was, and what the downstream effects may be for defenders. Then we talk about CISA’s bizarre delayed response to the Axios npm compromise and what it signals about the agency’s capabilities going forward.
The incident came to light on Sunday and the company says it has brought in an incident response provider to investigate the intrusion. Details of the intrusion are scant at this point.
It’s been A WEEK. Security news never sleeps, and neither does AI, so Dennis and Lindsey dive into all of the storylines coming from the Claude Mythos and Project Glasswing announcements, how organizations will deal with the coming flood of CVEs and patches, NIST’s decision to only enrich specific CVEs going forward, and what could possibly be next on […]
It’s still very early days for all of this, and relatively little is known about Claude Mythos’s real capabilities, so we wanted to dig into what actually is known and what it all means.
Dennis sits down with Tom Ptacek of Fly.io, a veteran security researcher, founder, and observer of the vulnerability landscape, to talk about the recent wave of AI-assisted vulnerability discovery and exploit development, specifically from the use of frontier models such as Claude Mythos. Tom has strong opinions on what’s coming and how human researchers and […]
Claude Mythos Preview is making huge waves in the world of vulnerability discovery and exploit development. And it’s not even publicly available! We asked hacker and Luta Security CEO Katie Moussouris and AI and machine learning security pioneer Gary McGraw what AI-enabled bug hunting means for researchers, defenders, and enterprise security teams.
