This post is based on Mackenzie's conversation with Noora Ahmed-Moshe on The Secure Disclosure podcast. Listen to the full episode. A company lost a million dollars because someone on a litigation call ran an AI note-taker. As behavioral scientist Noora Ahmed-Moshe explains on the podcast, the tool summarized a confidential conversation and sent it to the opposing party, who used it to force a settlement on their terms.

Sophos Endpoint in action: Blocking a novel supply chain attack How the unique anti-exploitation capabilities included with Sophos Endpoint blocked a supply chain attack. Sophos Endpoint is architected from the ground up to automatically block exploits, ransomware, and attacker techniques by default with zero manual tuning.

As I write this, we are now almost 2.5 years post acquisition of VMware by Broadcom. In that time many things have changed. The partner program has shrunk and shrunk again. The portfolio is much smaller as non-core product lines such as VDI (now Omnissa) and Carbon Black have been divested. However, none of these changes have been as impactful as integrating all remaining capabilities into the evolved VMware Cloud Foundation (VCF).

The State of Identity Security 2026: Identity is the new perimeter Discover the causes and consequences of identity threats based on a survey of 5,000 organizations across 17 countries. In the modern cybersecurity landscape, the traditional network perimeter has dissolved. Today, identity as a perimeter keeps getting stronger and stronger. As organizations accelerate cloud adoption and integrate AI systems, the number of digital identities, both human and non-human, has grown exponentially.

AI-powered attackers are faster and more systematic than ever. But they still trust what they see. Deception technology controls what they see. 87% of security leaders say AI-related vulnerabilities grew faster than any other risk in 2025 44% year-over-year rise in exploitation of public-facing applications in 2025 300K+ AI platform credentials exposed via infostealer malware on dark web in 2025.

Using Cursor, GitHub Copilot, Claude Code, Codex, or another coding agent means giving software access to more than your code. It can also see the credentials available in your workspace, shell, config files, and development environment.

EPSS: Early warning or not? EPSS is a predictive scoring model, and security teams assume it is an early warning signal. Nucleus research across 18% of CISA KEV-listed CVEs over 6 months found it isn’t.

Seven things security teams can start doing today to reduce risk.

Deception and Claude Mythos is no longer just a cybersecurity conversation. It’s a paradigm change in how organizations need to consider cyber resilience in the era of AI. Enterprises are facing a new threat landscape in which attackers can find exploits quicker, conduct enterprise-wide reconnaissance with low-level automation, and exploit enterprise assets with unprecedented accuracy on an enterprise-wide scale.