Haha thank you
Posts by Gadi Evron
On the PR front, seeing some good messaging from OpenAI instead of Anthropic, for once, is pretty cool.
Life keeps getting interesting!
openai.com/index/scalin...
Me too or not, they are owning it.
They are clearly differentiating by positioning themselves as the ideological opposite of Anthropic's program.
That said, no one said Anthropic won't expand its program.
To many in the industry, the move felt like a "me too" play, even though OpenAI had originally announced its own plan before Anthropic, and Sam Altman spoke about the problem of models becoming good at security months ago, positioning it as a challenge.
Following Anthropic's Glasswing initiative, OpenAI is expanding its security access program, allowing defenders to access otherwise limited security research capabilities.
Originally reposted this OpenAI PR from @Katie Moussouri, and I wanted to say more.
“We don’t think it’s practical or appropriate to centrally decide who gets to defend themselves. Instead, we aim to enable as many legitimate defenders as possible, with access grounded in verification, trust signals, & accountability.”
…This change is driven by a surge in CVE submissions, which increased 263% between 2020 and 2025. We don’t expect this trend to let up anytime soon. Submissions during the first three months of 2026 are nearly one-third higher than the same period last year.”
www.nist.gov/news-events/...
Well, it’s not like we saw this coming, right?
“CVEs that do not meet those criteria will still be listed in the NVD but will not automatically be enriched by NIST…
If jobs become redundant, we must understand how people don’t follow.
Yes! And more, while we may all be replaced one day, right now the attackers move at machine speed, but defense lags behind and the only force multiplier is people… using AI. In attack, well… some vuln research friends are considering a career as washing machine technicians. Seems safe.
And as usual, if you'd like to discover or protect your agents and coding assistants, drop me a line, or check out what we do at Knostic.
knostic.ai
3. Mythos is the name of the problem now, as it's how most discovered it, including the press, the Board, and our families.
It is a REAL and IMMENSE problem, with HYPE attached. But the hype doesn't make it any less real, or any less disruptive.
2. Mythos is new, and powerful, and not to be dismissed, but more than that now represents the wider problem. There are many capabilities that have been around for a long time, a couple that are new, and many other models that will follow.
A week later, my TL;DR take on Mythos:
1. We've all survived 20-30 apocalypse(s) in our careers. We will survive this one, the Sun will rise tomorrow.
I’m sorry
We were so busy replacing all the employees with objectively worse performing AI that we forgot to ask who would buy all the software licenses.
All credit for thread/content goes to the brilliant Adir Duchan (ההוא מהזה), in the original Hebrew.
My contribution? I laughed hard, and translated with Claude’s help... Okay, it was mainly Claude!
Everyone here acts like they’re Forbes Under 30, meanwhile I’m just surviving another round of layoffs every March
Anyway, California called, Anthropic’s next release is coming like a wildfire aimed at your Ouija boards. Thoughts and prayers.
Have a wonderful day
full price, extra extra usage, charge me double, take my tokens, I don’t care, JUST STOP TALKING
A graveyard of skills absolutely nobody will ever use.
Oh yeah tell me about Karpathy’s LLM wiki ONE MORE TIME, I definitely haven’t seen it in 50 different posts today
I swear it’s like everyone here posts something they half-assed in Claude in ten minutes, plays with it for one minute, then launches a WEEK-LONG social campaign - “heHeHe how I saved 70% on toke—” OH SHUT UPPPP I will pay
Trust me, there’s less propaganda on Multivac, at least THOSE bots are authentic
The biggest damage AI has done is making people who had nothing to say start saying it out loud every single day on LinkedIn until my feed became an industrial slop of cringe generated content, this is why we can’t have nice things
Thank you!
Two new analyses shed light on how Claude Mythos Preview is compressing exploit windows and exposing gaps in vulnerability management.
Check out my latest CSO piece.
Thanks to @gadievron.bsky.social for his insight.
www.csoonline.com/article/4158...
Great advice from Anthropic on prep for accelerated AI vulnerability discovery, including what to do if you don’t have a dedicated security team, if you’re reporting bugs you found, or are an open source maintainer.
/ht @decius.bsky.social for sending me the link
claude.com/blog/prepari...
Thank you!!
#Mythos strategy coauthored by @gadievron.bsky.social @argv.bsky.social Rob T Lee, Jen Easterly, Bruce Schneier, Chris Inglis, Phil Venables, @rgblights.bsky.social, @sounil.bsky.social, Jim Reavis, Jon Stewart, Maxim K., Dave Lewis, Joshua Saxe, John Yeoh, Ramy Houssaini, James Lyne, me & many more
An Expedited Strategy Briefing on Mythos, Glasswing, and building a security program for what comes next, by 250 CISOs, and the wider community.
It is still a draft, with some design incomplete, but we felt it was imperative to release.
Link:
labs.cloudsecurityalliance.org/mythos-ciso/