Security Unlocked

The Registry Trusted the Token

Mon, 08 Jun 2026 00:00:00 +0000

GitHub OIDC trusted-publishing solved the stored-credential problem and created a new attack surface in the same motion: three independent actors exploited it in a single week, producing malicious packages carrying valid provenance attestations.

Threat Economics: Week of June 2 - June 8, 2026

Mon, 08 Jun 2026 00:00:00 +0000

Three simultaneous EDR exploits expose a $16B cyber insurance underwriting assumption, while npm’s collapse as trusted infrastructure validates the developer security VC thesis absorbing the most capital in Q1 2026.

Trusted Vendor, Compromised Namespace: Miasma Escalates Supply Chain Risk While AI Cements Its Role in Ransomware Development

Thu, 04 Jun 2026 00:00:00 +0000

The Mini Shai-Hulud worm now operates inside Red Hat’s official npm namespace, proving that vendor-maintained packages are viable supply chain targets; simultaneously, the first confirmed AI-assisted ransomware toolchain documents a qualitative shift in what moderately skilled operators can build.

The Agent Trusts the Answer

Mon, 01 Jun 2026 00:00:00 +0000

Two CVSS 9.8 vulnerabilities this week share an identical root cause: AI agent frameworks treat LLM output as safe to execute, the same cognitive error that produced SQL injection in 2003.

Threat Economics: Week of May 26 - June 1, 2026

Mon, 01 Jun 2026 00:00:00 +0000

The TeamPCP campaign’s full-stack attack on API keys, CI/CD tokens, and developer credentials is simultaneously the proof point for a $24.6 billion NHI acquisition wave and a live stress test of cyber insurance policy language that wasn’t written to cover it.

When Attackers Show You the Wrong Problem: SRG Goes Physical, MuddyWater Goes Ransomware

Thu, 28 May 2026 00:00:00 +0000

Two threat actor reports published this week document attackers who design their operations to trigger the wrong defensive response: Silent Ransom Group physically walks someone into a law firm when remote attacks fail, and MuddyWater deploys ransomware as cover for espionage.

Signing-as-a-Service Exposed: Fox Tempest Sold Microsoft's Code-Signing Trust Per Payload

Thu, 21 May 2026 00:00:00 +0000

Microsoft’s Fox Tempest takedown exposes a criminal market for code-signing trust sold per payload; a PAN-OS zero-day with six weeks of state-sponsored exploitation went unreported through all of W21; and Shai-Hulud nearly doubled in scope with Grafana’s source code as the first named downstream casualty.

The Affordability Problem Nobody Talked About at RSA

Wed, 20 May 2026 00:00:00 +0000

Vendors at RSA 2026 sold agentic SOC capability as the answer to alert overload. The pricing model underneath, metered tokens against enterprise data volumes, was never on the keynote agenda. The organizations the affordability gap actually threatens are the ones not in the room.

The Detection Paradigm Is Broken: Why Behavioral SE Defense Is the Next Frontier

Wed, 20 May 2026 00:00:00 +0000

AI-assisted social engineering has eliminated the imperfection signals that detection tooling was built to find. The residual signal lives in behavior, not content. The vendors built for content scanning cannot pivot, and the gap is where the next significant security company gets built.

The Threat Actor Is a Fiction: Why Attribution's Core Unit Is Breaking

Wed, 20 May 2026 00:00:00 +0000

M-Trends 2026 shows the median time between initial access and downstream handoff dropped to 22 seconds. That number is not primarily a detection challenge. It is an epistemological one. The ’threat actor’ as an analytical unit is becoming structurally incoherent, and attribution methodology has not caught up.

Your Name Is on the Final Report

Wed, 20 May 2026 00:00:00 +0000

The SANS panel at RSA 2026 named irresponsible AI adoption as one of the five most dangerous new attack techniques. When an agentic security system makes the wrong call, the accountability does not dissolve into the architecture. It migrates to a person. That person is you.

Threat Economics: Week of May 11 - May 17, 2026

Mon, 18 May 2026 00:00:00 +0000

APT45’s confirmed AI-generated zero-day hands the autonomous security testing market its validation receipt, while simultaneous supply chain attacks on AI developer packages tell investors exactly which environments adversaries have already priced as high-value targets.

Three Point One

Mon, 18 May 2026 00:00:00 +0000

When a vulnerability transmits your database credentials to a third-party endpoint by design and scores CVSS 3.1, the problem is not the vulnerability, it is the triage system that will deprioritize it.

AI Writes the Exploit: UNC2814's Gemini Zero-Day and the Automation Gap That Just Closed

Thu, 14 May 2026 00:00:00 +0000

Google GTIG’s confirmation of the first AI-generated zero-day deployed in a live attack closes the loop on Monday’s AI agent vulnerability wave, connecting the attack surface (vulnerable AI frameworks) to the attack tool (AI-generated exploits) in the same reporting week.

Developer Workstations Are the New Beachhead

Tue, 12 May 2026 00:00:00 +0000

Three independent threat campaigns in early 2026 (the North Korea-attributed Contagious Interview operation, the GlassWorm Zig-dropper IDE extension malware, and the TeamPCP cascading supply chain compromise) converged on the same conclusion: developer workstations are now the highest-value initial access target in enterprise environments. The convergence is a price signal, not a coincidence.

DLP Is Underwater: How the Exfiltration Economy Inverted in Six Weeks

Tue, 12 May 2026 00:00:00 +0000

The economic case for DLP rested on a stable ratio between attacker cost per exfiltration event and defender cost per prevented event. Six weeks of pipeline data show that ratio fully inverted. Large language models collapsed attacker cost to a prompt; defender cost has not moved. DLP programs that have not restructured their architecture are now structurally underwater, and five independent exfiltration channels are the evidence.

Model Intuition: The SOC Skill Agentic AI Will Demand From Every Analyst

Mon, 11 May 2026 00:00:00 +0000

When agents triage 200 alerts and surface five, the analyst’s job is no longer processing signals. It is judging whether the system processing them was sound. That judgment, model intuition, is the difference between an output that looks right and one that is structurally right. Without it, agentic SOCs scale the wrong answers as efficiently as the right ones.

The Agent Trusts the Output

Mon, 11 May 2026 00:00:00 +0000

Eight AI agent frameworks disclosed the same class of remote code execution vulnerability in a single week because the entire ecosystem shares a cognitive failure: treating LLM output as trusted data rather than untrusted instructions.

Threat Economics: Week of May 4-10, 2026

Mon, 11 May 2026 00:00:00 +0000

Eight AI agent framework RCEs in a single week, a first-ever AI proxy addition to CISA’s KEV catalog, and CrowdStrike’s $1.1 billion identity bet all converging in the same week signals that the agentic AI security market has moved from thesis to demonstrated demand.

Palo Alto Captive Portal Zero-Day Under Active Chinese-Linked Exploitation, First Patches May 13

Fri, 08 May 2026 13:00:00 +0000

CVE-2026-0300 (CVSS 9.3) is an unauthenticated, root-level RCE in the PAN-OS User-ID Authentication Portal of PA-Series and VM-Series firewalls, under active exploitation by a likely China-aligned cluster Unit 42 tracks as CL-STA-1132. First hotfixes ship May 13. Anything with the Captive Portal exposed to untrusted networks needs immediate mitigation.

8 Guiding Principles for Reskilling the SOC for Agentic AI

Fri, 08 May 2026 00:00:00 +0000

Quoted on the cognitive reskilling SOC analysts will need as agentic AI takes over Tier 1 and Tier 2 triage, including the ‘model intuition’ framing for distinguishing structurally wrong from plausible-sounding agent output.

ShinyHunters Adds 275 Million Students to Monday's Breach Wave, PAN-OS Zero-Day Leaves Perimeter Gaps Until May 13

Thu, 07 May 2026 00:00:00 +0000

ShinyHunters expanded Monday’s identity breach wave to 275 million education users via Canvas and pivoted to cloud data warehouse infrastructure at Vimeo; separately, an unpatched PAN-OS RCE zero-day leaves internet-facing firewalls exposed until at least May 13.

Threat Economics: Week of April 27 - May 3, 2026

Mon, 04 May 2026 00:00:00 +0000

Eight AI agent framework CVEs in one week and ShinyHunters’ no-exploit identity breach wave validate the two fastest-growing investment theses in cybersecurity, while CIRCIA’s 316,000-entity reporting mandate positions a multi-year compliance procurement cycle.

What the Model Returns, the Shell Executes

Mon, 04 May 2026 00:00:00 +0000

Eight AI agent frameworks disclosed the same architectural vulnerability in a single week, revealing that the AI agent ecosystem is repeating the early-web SQL injection era under exploitation timelines that leave no room to learn slowly.

Copy Fail Gives Root on Every Linux Kernel Since 2017, No Race Condition Required

Sat, 02 May 2026 07:00:00 +0000

CVE-2026-31431 is a deterministic local privilege escalation in the Linux kernel’s authencesn crypto template, with a public exploit and no race condition, making it the most reliable Linux LPE since Dirty Pipe.

LiteLLM's 36-Hour Exploitation Window Confirms the AI Attack Surface Has Moved Up the Stack

Thu, 30 Apr 2026 00:00:00 +0000

The rapid exploitation of CVE-2026-42208 in LiteLLM marks the first confirmed weaponization of the AI API proxy layer, while TeamPCP’s new ransomware partnership turns out to be a wiper with no recovery path.

Invisible by Default: AI Middleware Is the New Soft Target

Wed, 29 Apr 2026 00:00:00 +0000

Three AI middleware vulnerabilities (LiteLLM, LeRobot, Entra Agent ID) hit the same architectural layer in the same week, all pre-auth or unauthenticated, with one being exploited thirty-six hours after disclosure. The seams of the AI stack are shipping faster than security teams can map them, and middleware that earns trust through utility is becoming the next high-value target.

When the Security Tool IS the Supply Chain Attack

Tue, 28 Apr 2026 17:00:00 +0000

TeamPCP’s supply-chain campaign has propagated from Trivy to Checkmarx KICS, Checkmarx GitHub Actions, two Open VSX plugins, and now Bitwarden CLI. Lapsus$ is handling the extortion. The blast radius now reaches a password manager with 10M+ users.

Agentic Trust Debt: How 'Agent-Controlled Input' Became the New Buffer Overflow

Tue, 28 Apr 2026 00:00:00 +0000

Five AI agent frameworks disclosed the same vulnerability class in a single week, and the MCP SDK STDIO injection extended the pattern across four language ecosystems. The cluster reads like the buffer overflow era: a field-level conceptual gap in how agentic systems handle trust, not a string of individual implementation bugs.

AI Infrastructure Exploited Within 24 Hours of Disclosure

Mon, 27 Apr 2026 00:00:00 +0000

Four AI infrastructure platforms (Langflow, Marimo, LMDeploy, Flowise) were exploited within 24 hours of vulnerability disclosure last week. The patching window has collapsed to under one attacker shift.

Threat Economics: Week of April 20-26, 2026

Mon, 27 Apr 2026 00:00:00 +0000

Adversaries exploited four AI platforms in under 24 hours each while $3.8B in Q1 cybersecurity capital concentrated 46% into AI security: the market validated the attack surface before defenders finished reading the advisories.

Three Critical Exploits Hit Management Planes and Endpoints

Sun, 26 Apr 2026 16:00:00 +0000

Three critical vulnerabilities under active exploitation target FortiClient EMS, Adobe Acrobat Reader, and nginx-ui, collectively exposing enterprise management planes and endpoints to unauthenticated remote code execution.

Defenders Under Siege: How Adversaries Turned Security Tools Into Weapons This Week

Tue, 21 Apr 2026 00:00:00 +0000

Three incidents this week reveal the same strategic pattern: attackers turning trusted defensive infrastructure into weapons. Microsoft Defender zero-days, the Trivy scanner compromise that breached the European Commission, and UNC6783’s live-chat social engineering all exploit a cognitive constant: defenders don’t question the tools they depend on.

Threat Economics: Week of April 13-19, 2026

Mon, 20 Apr 2026 00:00:00 +0000

Weekly market intelligence: Linx Security’s $50M identity bet, $4.62B in Q2 cybersecurity funding, and why NIS2 enforcement and CIRCIA deadlines are about to reshape enterprise buying criteria.

The Protocol Is Doing Its Job

Sun, 19 Apr 2026 00:00:00 +0000

MCP’s trust architecture makes any exposed management interface a pre-authenticated command shell by design, not by accident, and two RCE vulnerabilities in the same week reveal a deployment curve that has outrun both audit methodology and detection playbooks.

Anthropic's Best Week and Worst Week Were the Same Week

Wed, 15 Apr 2026 00:00:00 +0000

Anthropic unveiled an AI that finds decades-old zero-days while shipping three injection flaws in its own CLI, exposing the gap between offensive capability and defensive practice.

Threat Economics: Week of April 6-12, 2026

Wed, 15 Apr 2026 00:00:00 +0000

Weekly market intelligence: Anthropic’s $100M Glasswing commitment, the FBI’s $21B cybercrime figure, and why developer security tooling is the next VC cycle.

Mythos Finds Zero-Days. npm Found Three More.

Sun, 12 Apr 2026 00:00:00 +0000

The same week Anthropic unveiled an AI that autonomously finds zero-days, its own CLI shipped a CVSS 9.8 command injection, exposed by a debugging artifact that had been sitting in an npm package since March 31.

Trust Is the Exploit

Mon, 06 Apr 2026 00:00:00 +0000

From a six-month DPRK social engineering operation to mass exploitation of developer ecosystems, this week’s threat landscape reveals that the most reliable attack surface is the trust we extend by default.

The Mental Model Is the Vulnerability

Fri, 27 Mar 2026 00:00:00 +0000

Five AI infrastructure disclosures in one day share the same root cause: the gap between what users believe their security settings do and what the framework actually executes.

Trust Is the Attack Surface

Tue, 17 Mar 2026 00:00:00 +0000

Every major incident this week exploited institutional or interpersonal trust rather than technical vulnerabilities. The adversary’s target is not the system. It is the relationship.

Are Hacktivists Going Out of Business? Or Just Out of Style

Fri, 09 Jan 2026 00:00:00 +0000

Hacktivism hasn’t disappeared; it has been absorbed into the cybercrime economy and repurposed as cover for state-sponsored operations, forcing defenders to rethink how they assess ideologically motivated threats.

Predicting the Six Biggest Impacts AI Will Have on OT Cybersecurity

Wed, 07 Jan 2026 00:00:00 +0000

Quoted on treating AI agents as insider threats and the emerging legal liability for autonomous AI decisions in enterprise environments.

Predicting the Six Biggest Impacts AI Will Have on OT Cybersecurity

Wed, 07 Jan 2026 00:00:00 +0000

Quoted on why enterprises need to start treating AI systems as insider threats, the coming wave of AI liability lawsuits, and the machine identity crisis facing security teams.

2026 Security Predictions: Are You Prepared?

Tue, 02 Dec 2025 00:00:00 +0000

Quoted on why enterprises must adopt nation-state-grade defenses as APT groups increasingly target private-sector companies for economic disruption, IP theft, and geopolitically aligned espionage.

What National Cybersecurity Awareness Month Means in 2025

Fri, 03 Oct 2025 00:00:00 +0000

Quoted on why enabling multi-factor authentication remains the single highest-impact action individuals can take against credential-based attacks.

AI Agents Are Mapping Your Organization

Fri, 08 Aug 2025 00:00:00 +0000

Automated reconnaissance agents now profile entire organizations in minutes, compiling dossiers from public sources faster and more comprehensively than ever before, reshaping how defenders must think about information exposure.

When Yesterday's Emails Never Happened: Conversation Hijacking Attacks

Tue, 17 Jun 2025 00:00:00 +0000

AI-fabricated email threads now bypass traditional security controls entirely by exploiting workplace authority dynamics and psychological familiarity, eliminating malicious indicators while weaponizing legitimate communication patterns.

When Confusion Becomes a Weapon: Economic Uncertainty and Cyber Risk

Wed, 23 Apr 2025 00:00:00 +0000

Economic turbulence weaponizes organizational chaos through social engineering campaigns that exploit distraction and degraded attention. while paradoxically prompting security budget cuts exactly when attacks intensify.

Strategic AI Alliances and the Geopolitics of Today's Internet

Mon, 21 Apr 2025 00:00:00 +0000

As nations weaponize AI and enforce data sovereignty requirements, the borderless internet has fractured into competing digital blocs, forcing enterprises to navigate fragmented compliance regimes while adversaries exploit jurisdictional gaps.

US Cybersecurity Efforts for Spacecraft Are Up in the Air

Thu, 06 Feb 2025 00:00:00 +0000

Quoted on the lack of progress in spacecraft cybersecurity standards and why the delay is concerning given supply chain breaches targeting government systems.

Why Your Desire for Free TV Could Cost You

Tue, 04 Feb 2025 00:00:00 +0000

Pirated streaming platforms weaponize user impatience through layered deception, fake CAPTCHAs, disguised malware installers, and obfuscated command execution, turning entertainment shortcuts into persistent device compromise.

Scam Yourself Attacks: The New Evolution of Social Engineering

Tue, 21 Jan 2025 00:00:00 +0000

Scam-Yourself attacks manipulate users into triggering their own compromise through familiar interfaces and psychological triggers, making the victim an unwitting accomplice in their own breach.

Hack the Hacker's Mind: Weaponizing Cognitive Biases in Cyber Defense

Thu, 16 Jan 2025 00:00:00 +0000

Adversarial Cognitive Engineering flips traditional defense models by exploiting predictable patterns in attacker decision-making, using deception operations to waste attacker resources rather than merely detecting intrusions after they occur.

Evolving Cyber Resilience: From Tool Sprawl to Ecosystem Balance

Fri, 10 Jan 2025 00:00:00 +0000

Modern security ecosystems have grown so complex they create vulnerabilities through sheer disorganization. Resilience requires treating security architecture like biological systems that adapt through classification, evolution, and purposeful simplification.

The Dual-Edged Sword of AI in Cybersecurity

Tue, 07 Jan 2025 00:00:00 +0000

AI amplifies both defensive and offensive capabilities asymmetrically, raising the ceiling for defenders while lowering the floor for attackers and creating a fundamentally new threat multiplier that organizations cannot address through traditional approaches alone.

Mon, 01 Jan 0001 00:00:00 +0000

Josh Taylor Writing Guide

Voice and Positioning

Write as a cybersecurity strategist, SOC leader, doctoral researcher, and published analyst. Combine strategic clarity, technical credibility, psychological insight, and measured authority. Sound like someone who has operated in real environments and studied the field deeply. Never sound like a vendor brochure, generic marketer, or academic performing impressiveness.

Audience and Tone Modes

Before writing, confirm:

Who is the audience?
Executive, Practitioner, or Research-informed tone?
Publication venue — neutral outlet or Fortra-aligned?
Should Fortra be mentioned explicitly?
Is there a current event or trend to anchor the piece?

Tone modes:

Privacy Policy | Security Unlocked

Mon, 01 Jan 0001 00:00:00 +0000

How we collect, use, and protect your information.

Terms of Use | Security Unlocked

Mon, 01 Jan 0001 00:00:00 +0000

The rules for using Security Unlocked.