AI Cybersecurity
10 posts
Cybersecurity risks, defenses, and policy tied to artificial intelligence systems.
Apple’s Early Security Updates Show AI Is Shrinking Patch Windows
Apple pushed iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2 out before the broader 26.6 release cycle, citing AI-driven security concerns. The update is a practical reminder that patch timing now matters as much as patch content.
GLM-5.2 Puts Open-Weight AI on the Cybersecurity Shortlist
Z.ai's GLM-5.2 is forcing security teams to take open-weight models seriously for vulnerability discovery, code review, and agentic security work. The practical question is no longer whether open models can compete, but how teams should evaluate them safely.
Anthropic’s Mythos Test Shows Why AI Cyber Defense Is Becoming Classified Work
An Anthropic Mythos test with U.S. intelligence agencies reportedly found vulnerabilities in highly sensitive government systems within hours. The episode sharpens the policy problem around frontier AI: the same models that can help defenders fix critical software can also compress the timeline for attackers.
Five Eyes Warns Frontier AI Could Compress Cyber Risk Into Months
Five Eyes cyber agencies warned on June 22 that frontier AI could transform offensive and defensive cyber operations on a months-long timeline. The guidance turns AI-enabled cyber risk into a board-level resilience issue, with practical pressure on patching, identity controls, legacy systems, incident response, and defensive AI use.
Dream’s $260M Round Turns Sovereign AI Into Cyber Infrastructure
Dream raised $260 million at a $3 billion valuation for sovereign AI and cyber defense systems built for governments. The deal shows how national AI infrastructure and critical-infrastructure security are becoming the same market.
Microsoft MDASH Moves AI Bug Hunting Into Real Security Workflows
Microsoft says its MDASH agentic security system is now being used across Windows, Azure, and identity workflows, with new findings in Hyper-V, HTTP.sys, the Windows kernel, and Active Directory. The update shows AI vulnerability discovery moving from benchmark claims toward real engineering pipelines, while proof generation remains the hard part.
Security Leaders Say the Fable 5 Ban Could Hurt Cyber Defense
An open letter from cybersecurity leaders asks the U.S. government to lift export controls on Anthropic’s Fable 5 and Mythos 5, arguing that the disputed capability overlaps with normal defensive bug fixing and should be handled through transparent AI risk reviews.
NIST’s AI Guardrail Proof Makes Prompt Injection a Continuous Security Problem
NIST says a fixed set of AI guardrails cannot be universally robust against adaptive adversarial prompts. For teams deploying AI agents, the practical answer is continuous red-teaming, guardrail updates, access limits, and recovery planning.
CISA’s New Patch Directive Makes Three Days the High-Risk Deadline
CISA’s BOD 26-04 replaces flat federal vulnerability deadlines with a risk-based model that can require three-day remediation and forensic triage. The lesson for security teams is that exposure, exploitation, automation, and impact now matter more than CVSS alone.
Trump’s AI Order Turns Frontier Models Into a Cybersecurity Deadline
The first deadlines in Trump’s AI cybersecurity order arrive in early July and August, pushing agencies toward AI-enabled defenses, a vulnerability clearinghouse, and voluntary pre-release access to frontier models.