Mastodawn

Don't forget that the real reason this happens is because THE SOFTWARE THAT WAS TARGETED IS BROKEN.

Fix the software. Use #AI to do that.

#swsec and #appsec 101. If you find it but don't fix it, that does nobody any good.

https://www.nytimes.com/2026/05/11/us/politics/google-hackers-attack-ai.html?unlocked_article_code=1.hlA.vW7Y.pO_0G8yLYoca&smid=nytcore-android-share

Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug. The attempted attack represents “a taste of what’s to come,” one expert said.

The New York Times

Show thread

Gary McGraw 3d ago

The NY Times just wrote about the mythos dustup.
(unlocked article) https://www.nytimes.com/2026/05/12/technology/anthropic-claude-mythos.html?unlocked_article_code=1.h1A.aXHQ.35ofMK-FbSLN&smid=nytcore-android-share

Is Anthropic’s Claude Mythos Really a Cybersecurity Risk?

Anthropic said that Claude Mythos was too dangerous to release to the public. That claim has reopened an old debate over cybersecurity.

The New York Times

Show thread

Gary McGraw 2d ago

BIML is proud to release a new study today:
No Security Meter for AI

#AI #ML #MLsec #security #infosec #swsec #appsec #LLM #AgenticAI

https://berryvilleiml.com/results/no-security-meter-ai.pdf

Registration Form ‹ Berryville Institute of Machine Learning — WordPress

Show thread

Marius (windsheep)4d ago

@cigitalgem Name one flawless software people use for business

Show thread

Gary McGraw 4d ago

@windsheep there are none. That's the point.

We know how to build secure software. We should do it. We can use #AI to work on the immense piles of technical debt we are sitting on.