Javvad Malik 

555 Followers
499 Following
938 Posts
@sawaba very true

Thought-provoking post... does anyone know what a vulnerability even is anymore?

https://research.empiricalsecurity.com/research/the-vulnerability-identity-crisis

The Vulnerability Identity Crisis | Empirical Security

Art Manion and I have been spending roughly an hour a week for the past couple of years working through what sounds like a simple question: What are the minimum viable elements needed to define and identify a vulnerability?

Empirical Security

Bees figured out tool use through play. Your organisation is still debating whether employees should be allowed to experiment with security tools at all.

https://www.flyingpenguin.com/scientists-reveal-that-bees-use-tools/

Scientists Reveal That Bees Use Tools | flyingpenguin

"we will never ask you to paste a command" is the new "we will never ask for your password”

Enterprises spent H1 2026 realizing that expensive AI agents deliver exactly as much value as expensive consultants who don't understand your business. Both require you to do the actual work.

https://www.constellationr.com/insights/news/heres-what-we-learned-about-ai-projects-enterprise-buyers-so-far

Here’s what we learned about AI projects from enterprise buyers so far | Constellation Research

Enterprise buyers are maturing quickly when it comes to AI and AI agents and looking to redesign operations, deliver outcomes, maintain governance and cost discipline. If there was a word to describe what enterprises want it's "optionality" since AI and the vendor landscape are changing to quickly to make a wrong bet.

@krypt3ia is that a no because he doesnt have a CISSP 😏

Skipping Black Hat and DEFCON this year? Consider presenting at BSides Hanoi instead. Now in its second year, the conference takes place on August 5th, 2026, and a few more talk slots are still open - but the submission deadline is today. Apply here: https://www.bsideshanoi.net/en/call-for-paper

Thank you to everyone who has already submitted!

Call for Paper - BSides Hanoi 2026

Submit your proposal for BSides Hanoi 2026 NoHuman.

BSides Hanoi 2026
@zackwhittaker no, thank you good sir!

Finland's sand battery uses crushed soapstone from fireplace offcuts, heated to 600°C, and it achieved 100% oil reduction, 70% co2 emissions reduction and more!

https://hermez.prose.sh/finland-sand-battery-survived-winter

Finland's Sand Battery Survived the Worst Winter. But What's Actually Inside?

prose.sh

Eight years of a weekly security newsletter is eight years of showing up. Most people quit when engagement flattens. Zack Whittaker didn't... and I think we're all better off for it!

https://this.weekinsecurity.com/reflections-on-eight-years-of-writing-this-week-in-security/

Reflections on eight years of writing ~this week in security~

Your favorite weekly cybersecurity newsletter marks eight years on the web.

~this week in security~