Why Amazon hates ‘human-in-the-loop’ AI governance

Humans tend to be “a little bit precious about humans,” according to Eric Brandwine, distinguished engineer and VP at Amazon Security. 

We like to think we are all very good at our jobs, and we have high opinions of ourselves, he explained during a phone interview with The Register. “But when you actually get down to it, humans are not terribly consistent,” Brandwine said.

… “It is very clear that we have moved from a human-led defense strategy, to a human-in-the-loop defense strategy, to an AI-led defense strategy that’s overseen by humans,” Google Cloud chief operating officer Francis deSouza told reporters during a press conference ahead of Google’s annual Cloud Next shindig in April. “Our model for the future is an agentic fleet that does a lot of the routine cyber security work at a machine pace and then is overseen by humans.” — Read More

#cyber

Building an Agentic Security Pipeline That Finds, Proves, and Patches Vulnerabilities

Modern codebases run to millions of lines, change every day, and ship faster than any team can audit by hand. In a memory-unsafe language like C, a single overlooked defect such as a buffer overflow or a use-after-free can become a remotely exploitable vulnerability, and manual review cannot cover that surface. Anthropic recently showed that LLMs are now capable enough to find and fix vulnerabilities at scale, and that discovery is now straightforward to parallelize, so the effort has shifted to proving a finding is exploitable, triaging it, and patching it.

Anthropic calls the whole process a six-step find-and-fix loop, and we are going to build every step of it. — Read More

#cyber

Amazon voiced concerns about Anthropic AI models before US crackdown, source says

Amazon CEO Andy Jassy was among tech leaders who raised concerns to senior Trump administration officials this week about security risks in Anthropic’s most advanced AI models, a person familiar with the matter told Reuters.

Jassy’s involvement sheds light on the extraordinary move by Anthropic on Friday to shut down its latest models globally in response to national security orders from President Donald Trump’s administration. — Read More

#cyber

Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator

We’ve spent the past year investigating how threat actors are weaponizing AI to conduct cyber operations. Today, we’re sharing a new analysis that maps these real-world attacks onto the MITRE ATT&CK® framework, a database of tactics and techniques used by cyberattackers. Doing so reveals patterns that challenge traditional assumptions about cybersecurity—for example, the level of risk a threat actor poses can be assessed via metrics like technical sophistication or breadth of techniques. We partnered with Verizon to include some of these results in the 2026 Verizon Data Breach Investigation Report (DBIR), and are publishing this report to offer a longer-form analysis of trends we are seeing in AI-enabled cyber operations. — Read More

#cyber

Claude Fable 5 and new AI safety fables

Today, Anthropic released their Claude Fable 5 model to consumer and enterprise audiences. This is the general-access variant of their Mythos-class models. With it, Anthropic rolled out a series of safety measures — some explicitly called out to users and some modifying the model without telling the user. It should be less surprising than it is that the next major step in AI capabilities came with heavier-handed safety measures indicating Anthropic’s intention to protect, or entrench, their current lead.

The unevenly applied safety policies that Anthropic have rolled out are on track to become a classic cautionary fable in how narrow and self-fulfilling notions of safety and control rarely work out. — Read More

#cyber

MXC Internals: How Microsoft’s eXecution Containers Actually Isolate Agent Code

When an agent decides to run code, where does that code run, and what can it touch? Every coding-agent vendor now has an answer. OpenAI’s Codex CLI sandboxes locally through OS-native primitives: macOS Seatbelt, Linux Landlock + seccomp; Anthropic’s Claude Cowork runs the agent inside a full local Linux VM layered with seccomp and a network allowlist; hosted offerings like Google’s GKE Agent Sandbox and LangSmith Sandboxes wrap the workload in a VM or container. But so far, no OS vendor has provided a native solution.

At Build 2026, Microsoft open-sourced MXC, the Microsoft eXecution Container, under the MIT license: “a sandboxed code execution system for running untrusted code (model output, plugins, tools) on Windows, Linux, and macOS.” — Read More

#cyber

Anthropic’s Project Glasswing Update

In April, Anthropic initiated Project Glasswing. The idea was to let companies use their new model to find and fix vulnerabilities in their own software. It was a fantastic PR move, and so many press outlets have uncritically parroted Anthropic’s claims that it’s now common wisdom that Mythos is better at finding software vulnerabilities than other models. Which is just not true. — Read More

#cyber

Threat Modeling MCP Server

A Model Context Protocol (MCP) server for comprehensive threat modeling with automatic code validation

This server provides tools for threat modeling, including business context analysis, architecture analysis, threat actor analysis, trust boundary analysis, asset flow analysis, code security validation and comprehensive report generation. — Read More

#cyber

Measuring LLMs’ ability to develop exploits

Claude Mythos Preview’s ability to develop exploits is a step-change over previous frontier models. This was one of our primary motivations for rolling out the model carefully through Project Glasswing rather than through a general release. Mythos Preview is capable of finding complex vulnerabilities, but what concerned us most in our internal testing was that Mythos Preview could both turn vulnerabilities into exploit primitives, and combine those primitives together into complete end-to-end attack chains.

When we published our Mythos Preview results, we measured its capabilities by having it search for novel zero-days and then build exploits for them. Qualitative evaluations like this are helpful for showcasing a model’s capabilities—but ideally, we would have high-quality quantitative benchmarks that let us measure them precisely. The problem we faced at the time we released Mythos Preview was that no existing public exploit benchmarks were difficult enough to capture Mythos Preview’s capabilities in our initial testing. — Read More

#cyber

Cisco: AI traffic is radically reshaping WANs

… Cisco’s new study, AI Impact on Wide Area Networks 2026, finds AI and agentic AI will not only increase traffic volume but also, “they will change traffic shape, symmetry, duration, and criticality,” the study reports. “AI inference paths will become strategic network assets, requiring high levels of resilience, observability, and differentiated treatment, for example, Quality of Service (QoS) and path security.” — Read More

#cyber