Gary McGrawMay 11

Don't forget that the real reason this happens is because THE SOFTWARE THAT WAS TARGETED IS BROKEN.

Fix the software. Use #AI to do that.

#swsec and #appsec 101. If you find it but don't fix it, that does nobody any good.

https://www.nytimes.com/2026/05/11/us/politics/google-hackers-attack-ai.html?unlocked_article_code=1.hlA.vW7Y.pO_0G8yLYoca&smid=nytcore-android-share

Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug. The attempted attack represents “a taste of what’s to come,” one expert said.

The New York Times
Show threadGary McGraw
The NY Times just wrote about the mythos dustup.
(unlocked article) https://www.nytimes.com/2026/05/12/technology/anthropic-claude-mythos.html?unlocked_article_code=1.h1A.aXHQ.35ofMK-FbSLN&smid=nytcore-android-share
Is Anthropic’s Claude Mythos Really a Cybersecurity Risk?

Anthropic said that Claude Mythos was too dangerous to release to the public. That claim has reopened an old debate over cybersecurity.

The New York Times
May 12 at 8:43pmWeb