ChatGPT Private Chats Exposed on Google in Privacy Breach
Thousands of private ChatGPT conversations ended up searchable on Google. All because of a misconfigured sharing feature that let search engines crawl unique chat links.
What happened?
→ OpenAI let users share chats with unique URLs.
→ The robots.txt file didn't block Google from crawling them.
→ Many users had no idea their "private" links were public.
OpenAI acted. Disabled the tool, started removing links from search.
I've checked myself and wasn't able to find anything on Google.
However, other search engines (DuckDuckGo, Bing) seem to still have traces of it. The internet doesn't forget. Web archives may hold many of those chats. For people affected, the damage is real and lasting.
Do your own research.
Never assume privacy and security are guaranteed.
Stay secure
___
Enjoy this? Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #InfoSec #DataBreach
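The robots.txt gap described in this post, as an added example that is not OpenAI's code: a small evaluator that answers "may this crawler fetch this path?" for a weak file, a corrected file, and a file where a bot-specific group silently overrides the `*` rules. The share path and all three robots.txt texts are constructed for illustration.

```javascript
// Added example. SHARE_PATH and the robots.txt texts below are constructed.
const SHARE_PATH = "/share/3f2a9c1e"; // hypothetical shared-chat URL path

// Weak: nothing covers the share links, so every crawler may fetch them.
const ROBOTS_BEFORE = `
User-agent: *
Disallow: /api/
`;

// Corrected: share links are excluded for every crawler.
const ROBOTS_AFTER = `
User-agent: *
Disallow: /api/
Disallow: /share/
`;

// Pitfall: a bot with its own group ignores the "*" group completely.
const ROBOTS_PITFALL = `
User-agent: Googlebot
Allow: /

User-agent: *
Disallow: /share/
`;

// Parse robots.txt into groups: [{ agents: [...], rules: [{ allow, path }] }].
function parseRobots(text) {
  const groups = [];
  let current = null;
  let lastWasAgent = false;
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.replace(/#.*$/, "").trim();
    const idx = line.indexOf(":");
    if (idx === -1) continue;
    const field = line.slice(0, idx).trim().toLowerCase();
    const value = line.slice(idx + 1).trim();
    if (field === "user-agent") {
      // Consecutive User-agent lines share one group; otherwise start a new one.
      if (!lastWasAgent) { current = { agents: [], rules: [] }; groups.push(current); }
      current.agents.push(value.toLowerCase());
      lastWasAgent = true;
    } else {
      // An empty Disallow means "nothing is disallowed", so it adds no rule.
      if ((field === "allow" || field === "disallow") && current && value !== "") {
        current.rules.push({ allow: field === "allow", path: value });
      }
      lastWasAgent = false;
    }
  }
  return groups;
}

// Match a rule path that may contain "*" wildcards and a trailing "$" anchor.
function ruleMatches(rulePath, urlPath) {
  const anchored = rulePath.endsWith("$");
  const body = anchored ? rulePath.slice(0, -1) : rulePath;
  const pattern = body
    .split("*")
    .map((part) => part.replace(/[.+?^${}()|[\]\\]/g, "\\$&"))
    .join(".*");
  return new RegExp("^" + pattern + (anchored ? "$" : "")).test(urlPath);
}

// True when a compliant crawler with this user agent may fetch urlPath.
function isCrawlable(robotsText, userAgent, urlPath) {
  const ua = userAgent.toLowerCase();
  const groups = parseRobots(robotsText);
  // Pick the most specific user-agent token that applies; "*" is the fallback.
  let bestToken = null;
  for (const g of groups) {
    for (const a of g.agents) {
      const applies = a === "*" || ua.includes(a);
      const len = a === "*" ? 0 : a.length;
      const bestLen = bestToken === null ? -1 : bestToken === "*" ? 0 : bestToken.length;
      if (applies && len > bestLen) bestToken = a;
    }
  }
  if (bestToken === null) return true; // no group applies: nothing is excluded
  const rules = groups.filter((g) => g.agents.includes(bestToken)).flatMap((g) => g.rules);
  // The longest matching rule wins; on a tie, Allow wins.
  let verdict = true;
  let longest = -1;
  for (const r of rules) {
    if (!ruleMatches(r.path, urlPath)) continue;
    if (r.path.length > longest || (r.path.length === longest && r.allow)) {
      verdict = r.allow;
      longest = r.path.length;
    }
  }
  return verdict;
}

for (const [label, text] of [["before", ROBOTS_BEFORE], ["after", ROBOTS_AFTER], ["pitfall", ROBOTS_PITFALL]]) {
  console.log(label, "Googlebot may crawl share link:", isCrawlable(text, "Googlebot", SHARE_PATH));
}
```

A Disallow rule only asks compliant crawlers not to fetch a path; it is not access control, and anyone holding the link can still open it. Keeping a page out of search results is the job of a `noindex` signal (robots meta tag or `X-Robots-Tag` header), which a crawler can only see on pages it is allowed to fetch.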
#CyberMonday CyberArk and HashiCorp Critical Flaws
Last week, researchers found over a dozen new vulnerabilities in CyberArk and HashiCorp vaults. These flaws let attackers take control of enterprise vaults - no credentials needed.
Patch now
Top News:
→ Microsoft released an advisory for a high-severity Exchange Server flaw (CVE-2025-53786). This bug lets attackers gain elevated privileges in hybrid cloud setups.
→ Adobe patched two critical bugs in Experience Manager Forms. Public exploits available.
→ CERT-UA warns of the UAC-0099 threat actor using new malware (MATCHBOIL, MATCHWOK, DRAGSTARE) against Ukraine's infrastructure.
Exploitability spike +50%:
→ CVE-2022-40799 (#DLink)
→ CVE-2025-53770 (#SharePoint)
As always, share new CVEs and your thoughts in comments.
Stay secure
#Cybersecurity #InfoSec #ThreatIntel
Hey guys,
I have been quite busy lately.
I am no longer able to post frequently, so I will, for now, stop posting #CyberMondays.
I know, that is sad. But hey, life happens, and you have to cope with it.
I will, however, post things I find interesting and cybersecurity updates from time to time.
Stay tuned
Quick personal note before we dive in.
I owe you an apology - I've been quiet for 5 and a half months.
I needed that time to focus on personal matters and reset.
I'm back now with more energy. I won't promise miracles, but I'll genuinely try to be more active and consistent.
And of course, I knew I had to come back with Cyber Monday - because this is what many of you look forward to the most.
If this post resonates, I'd really appreciate your comments and shares.
Yours, @stansecure
#CyberMonday headline: Chinese APTs hijacked Notepad++ updates for six months
While we obsess over secure coding, attackers are hijacking the supply chain.
The Incident: Following a new disclosure, it's confirmed that Notepad++'s hosting infrastructure was compromised by a likely state-sponsored group (attributed to China) from June to December 2025.
TLDR: This wasn't a vulnerability in the Notepad++ code itself. The attackers compromised the shared hosting provider and selectively intercepted traffic to getDownloadUrl.php. Targeted users - and only targeted users - were silently redirected to malicious servers serving infected update manifests.
Why important: This mirrors the recent eScan Antivirus and Open VSX supply chain attacks. The attackers don't need to break the software's lock if they own the server that delivers it. Notepad++ finally enforced XML signing in v8.9.2, but for 6 months, the "trust" was broken.
Top News:
→ Browser attacks: New research shows AI browsers can be hijacked via prompt injection, turning your helpful assistant into an insider threat that exfiltrates data.
→ Ukraine Alert (CERT-UA): APT28 (UAC-0001) is actively targeting UA and EU entities with a malicious doc (Consultation_Topics_Ukraine(Final).doc) exploiting CVE-2026-21509. If you see this file, isolate immediately.
→ Supply Chain hits Open VSX: A legitimate developer account was compromised to push the "GlassWorm" malware via the Open VSX registry.
It feels good to be back.
I'm curious, what was the biggest security shift you noticed in the last 5 months while I was gone? Let me know in the comments.
Stay vigilant
P.S. Look for the CVE alert in the first comment.
#CyberSecurity #Infosec #NotepadPlusPlus
In Ukraine, cyber defense is not theoretical. It's forged in a war with an aggressor.
That's why I'm planning to attend the Kyiv International Cyber Resilience Forum (Feb 19-20), not for trends, but for lessons forged in real conditions.
These events for me are:
• A chance to learn what works on the front lines
• Meet people who get the high-stakes environment (and the stress)
• Share how we level up our own cyber posture
I'm especially looking forward to insights from:
Vitaly Balashov -- shaping cloud security and Ukraine's national standards.
Serhii Khariuk -- building and testing defenses for EU and U.S. markets.
Forums like this matter because they compress years of learning into conversations.
Are you planning to attend? Let's meet up!
#CyberResilience #CyberSecurity #InfoSec
@securediary
This started like a normal developer interview.
A recruiter reached out to my colleague, Mykyta Kurochka, about a Node.js role at Cryptan Labs.
Honestly, at first, everything just felt totally normal.
The interview felt routine. Figma designs. Tech specs that matched the role. The kind of call most of us have.
But then, little things started to feel off...
The recruiter turned the camera off after a few minutes.
The project was supposedly brand new - only 2-3 weeks old.
Mykyta was asked to review their code and join a GitHub org.
The repository arrived as a ZIP archive.
None of these alone screams "scam."
Together, they deserved a pause.
Before running anything, Mykyta checked <package.json>.
Some outdated dependencies - not the weirdest thing ever.
Still, he decided not to run the project until he understood what it actually did.
Frankly, many people would've skipped that step.
The repo itself was strange: very little real logic, but a massive structure.
That alone raised questions.
Then <npm install> finished...
and the app started running automatically.
The reason was concealed in a <๐๐๐๐๐๐๐> script that launched <๐๐๐๐๐๐/๐๐๐๐๐๐.๐๐> (๐พ2๐พ).
When Mykyta asked why anything was auto-executing, the response was:
"Just part of the process."
He was pushed to run it again.
That's where he stopped.
Instead of proceeding, he shut things down:
• Closed active ports
• Regenerated SSH keys
• Ran the code through security checks
• Reviewed what data could have been exposed
What turned up wasn't minor.
There was code enabling remote execution.
Environment variables were being sent out.
At that point, it was clear this wasn't sloppy engineering.
It looked intentional.
And it was hiding behind a "job interview."
Mykyta's decision to slow down likely prevented a real incident.
If there's one takeaway here, it's this:
interviews don't deserve blind trust.
A few reminders worth repeating:
• Always check what scripts run during setup
• Never auto-launch unfamiliar code
• Be cautious with new GitHub org invites
• If something feels rushed or strange, pause, always
I'm sharing this because these tactics are becoming more common.
Have you seen anything similar during interviews or test tasks?
Sharing stories like this helps us stay safe.
#JobScams #CyberSecurity #InfoSec
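The "check what scripts run during setup" reminder from this post, as an added example that is not code from the incident: it reads a package.json, lists every script npm would run on its own during `npm install`, and follows `npm run` chains to the command that finally executes. The manifest, its script names and its file paths are constructed for illustration.

```javascript
// Added example. SAMPLE_MANIFEST is constructed; its names and paths are hypothetical.
const SAMPLE_MANIFEST = `{
  "name": "interview-task",
  "version": "0.1.0",
  "scripts": {
    "prepare": "npm run bootstrap",
    "bootstrap": "node tools/setup.js &",
    "start": "node index.js",
    "test": "jest"
  }
}`;

// Hooks npm runs without being asked during a plain `npm install` in a project folder.
const AUTO_RUN_HOOKS = [
  "preinstall", "install", "postinstall",
  "prepublish", "preprepare", "prepare", "postprepare",
];

// Things worth a manual look when they show up behind an auto-run hook.
const RISK_PATTERNS = [
  { name: "starts a Node.js process", re: /\bnode\s+\S+/ },
  { name: "chains into another npm script", re: /\bnpm\s+(run|start)\b/ },
  { name: "fetches remote content", re: /\b(curl|wget)\b/i },
  { name: "evaluates inline code", re: /\bnode\s+(-e|--eval)\b/ },
  { name: "runs in the background", re: /(&\s*$|\bnohup\b)/ },
];

// Return one finding per command reachable from an auto-run hook.
function auditManifest(manifestText) {
  let manifest;
  try {
    manifest = JSON.parse(manifestText);
  } catch (err) {
    throw new Error("package.json is not valid JSON: " + err.message);
  }
  const scripts = manifest.scripts || {};
  const findings = [];
  for (const hook of AUTO_RUN_HOOKS) {
    if (typeof scripts[hook] !== "string") continue;
    const seen = new Set(); // guards against scripts that call each other in a loop
    const queue = [{ name: hook, via: [hook] }];
    while (queue.length > 0) {
      const { name, via } = queue.shift();
      if (seen.has(name) || typeof scripts[name] !== "string") continue;
      seen.add(name);
      const command = scripts[name];
      const reasons = RISK_PATTERNS.filter((p) => p.re.test(command)).map((p) => p.name);
      findings.push({ hook, chain: via.join(" -> "), command, reasons });
      // Follow `npm run <name>`, `npm start` and `npm test` to the next script.
      const chainRe = /\bnpm\s+(?:run(?:-script)?\s+([\w:.-]+)|(start|test))\b/g;
      for (const m of command.matchAll(chainRe)) {
        const next = m[1] || m[2];
        queue.push({ name: next, via: [...via, next] });
      }
    }
  }
  return findings;
}

for (const f of auditManifest(SAMPLE_MANIFEST)) {
  console.log(`[${f.hook}] ${f.chain}: ${f.command}`);
  for (const r of f.reasons) console.log(`    review: ${r}`);
}
```

To review a real project, pass the text of its package.json to `auditManifest` before installing anything; `npm install --ignore-scripts` installs dependencies without running any of these hooks.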
Russian APT28 Exploits Zero-Day Hours After Microsoft Discloses Office Vulnerability.
Ukraine's cyber defenders warned that Russian hackers weaponized a Microsoft Office zero-day within 24 hours of public disclosure.
The Russia-linked state-sponsored group APT28 exploited CVE-2026-21509 to deliver malicious documents targeting Ukrainian government agencies and European Union institutions.
Ukraine's Computer Emergency Response Team observed exploitation attempts beginning on January 27 -- just one day after Microsoft disclosed the vulnerability on January 26.
Microsoft acknowledged active exploitation at disclosure, but attribution details were initially withheld. The speed and customization of APT28's follow-on attacks highlight how narrow the defensive window has become.
Act now, see action advice in the comment section.
Top News:
→ Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities.
→ CISA Orders Federal Agencies to Remove Unsupported Hardware and Software to Reduce Risk.
→ Microsoft Moves to Retire TLS 1.0, 1.1 in Azure Blob Storage.
→ OpenClaw (a.k.a. Moltbot), a cascade of LLMs, poses a significant risk to your data if not properly managed or restricted.
→ German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists.
Links to sources and CVE alerts in comments.
As always, share your thoughts, ideas, and new CVEs in comments.
Stay secure
#Cybersecurity #InfoSec #ThreatIntel
AI-powered pentesting tools are evolving fast - but most struggle with validation and false-positive control.
I came across a platform that addresses this with proof-of-execution scoring and per-scan isolation.
NeuroSploit v3 is an open-source attempt to make AI pentest look more like the work of a human team, not a noisy scanner.
The core idea is simple.
Instead of just "guessing" based on an LLM prompt, it spins up isolated Kali Linux containers and uses negative controls and proof-of-execution checks to validate findings before they ever reach the report.
NeuroSploit focuses on three main areas:
1) Coverage and context
→ 100 vulnerability types in 10 categories
→ 3 streams in parallel: recon, junior tester, tool runner
→ Built-in integration with tools you already know (nmap, nuclei, sqlmap, ffuf, etc.)
2) Isolation and control
→ Every scan runs inside its own Kali Linux Docker container
→ Per-scan tools install, hard CPU/RAM limits, auto cleanup
→ Container pool with TTL and orphan cleanup for stable operations
3) Validation and proof-of-execution
→ Negative controls: send benign "safe" requests to cut false signals
→ 25+ proof methods per vuln type (XSS context, SSRF markers, DB error patterns, etc.)
→ Confidence scoring 0-100 with a final "validation judge" that approves or rejects a finding
On top of that, it can talk to several LLM providers (Claude, GPT, Gemini, local LLMs) and adapt mid-scan when endpoints die, WAF blocks, or returns start to show diminishing value.
Is it perfect? No.
Is it closer to how I want AI to work in offensive security? For me, yes.
Would you find it useful if I tried NeuroSploit v3 and shared my honest take on it?
Stay secure
#Cybersecurity #InfoSec #ThreatIntel
Security teams are entering a new phase.
AI is finding vulnerabilities faster.
Attackers are exploiting faster.
And traditional patch cycles are starting to look slow by comparison.
This week's Top News:
→ Microsoft patches six actively exploited zero-days (CVE-2026-21510 through -21525)
→ Google fixes Chrome zero-day CVE-2026-2441 under active attack
→ Research showing Claude Opus 4.6 identified 500+ memory corruption vulnerabilities in open-source projects
→ Threat actors are already targeting infrastructure around the Milano Cortina 2026 Winter Games
What matters now isn't just scanning, but building a robust response architecture.
When a new exploited vulnerability emerges, I always look for three core areas:
1) Exposure mapping
Do we know which systems are externally reachable or user-triggerable?
Can we prioritize based on potential impact, rather than relying solely on CVSS?
2) Remediation verification
Can we confirm remediation on the systems that matter most - not just report rollout percentage?
3) Mitigation
If patching is delayed, are compensating controls in place (isolation, policy tightening, monitoring)?
The velocity of security has changed.
The question isn't whether AI will reshape vulnerability management.
It already is.
AI is already a tool for both attackers and defenders. Those who adapt quickly will come out on top.
A question to you:
How are you adjusting your patching or AppSec workflows to account for faster discovery cycles?
Do you use AI?
Look for CVE Alert in the first comment.
Stay secure
#CyberSecurity #Infosec #ThreatIntel
AI vs Humans Cyber Defenders.
AI agents will be tested February 19-20 at the Kyiv International Cyber Resilience Forum, in live cyber defense scenarios alongside experienced security teams.
I am participating in the forum, and I'm genuinely curious how this plays out.
I've spent 11+ years working in cybersecurity - both in military and business - and truth is, real incidents almost never play out in a predictable way.
They are messy. Incomplete. Time-constrained.
AI can process data fast.
Humans operate under pressure with context, intuition, and experience.
The interesting question isn't "who is smarter."
It's about whether autonomous agents can operate reliably and in real-time, under the same constraints as human teams.
ARIMLABS is running a public vote on the outcome (details in the comments).
Who would you bet on - AI or humans? Why?
@securediary
If your AI can write code... it should help secure it, too.
Anthropic just rolled out Claude Code Security, a new feature designed to scan codebases for flaws and suggest patches.
AI is already great at parsing logs and highlighting anomalies. But stepping into the auditor's shoes to patch code? That requires deep context.
The true test isn't if Claude can find a flaw; it's whether it understands the messy reality of a production environment without hallucinating a "fix" that breaks the build.
Here's how to use Claude Code Security safely:
1) Extra pair of eyes
→ Run AI scans on every merge and pull request
→ Let it flag risky patterns
2) Human in control
→ Security engineer or senior Dev reviews each AI fix
→ No auto-merge from AI output
3) Tie into threat intel
→ Watch CISA Known Exploited Vulns
→ Confirm your codebase isn't using specific vulnerable functions of the CVEs
I extensively use AI for day-to-day work. For example, for threat intel summary, customer email draft, or compliance audit prep. It's a fantastic junior analyst. But it is always an assistant, not the one signing off on the decisions.
Do you trust AI to patch your production code or not?
For the #CyberMonday News and CVE alert, see the first comment.
@securediary
Four years of full-scale war. 1,461 days of resilience.
When I served as a SOC Division Chief in the Armed Forces, we prepared for hybrid threats. But the reality of the last four years rewired everything I know about defense.
Living and working in Kyiv, I've seen the concept of "Business Continuity" transform from a compliance checkbox into a survival instinct. We don't just test backups for auditors anymore. We build systems that must survive when the power grid is hit, when the data center runs on diesel, and when the team is coding from shelters.
The biggest lesson for the global cybersecurity community?
Fragility is a choice.
We learned that secure architecture isn't about building unbreachable walls. It's about how fast you can stand back up when the walls shake.
To my fellow Ukrainians: We stand. We build. We defend.
To the global community: Don't wait for a crisis to test if your BCP actually works.
The photo is dated Feb 25th, the second day of full-scale war. My wife and I are relocating to Tuskavets.
Thank you, Creatio and Katherine Kostereva, for making it possible.
Is your resilience tested?
Ours is tested, every day.
AI is coming everywhere, and Cybersecurity is not an exception.
Kyiv International Cyber Resilience Forum was a blast. I have not yet seen so many cyber people in one place. This is one of the biggest Cybersecurity events in Ukraine to date.
The amount and intensity of the networking was unbelievable. Since I came to the forum at 11:00 a.m., I could not attend any of the panels or stages for the whole 2-2.5 hours, purely because of the number of people I knew and wanted to talk to.
The discussions just kept going, and I loved it.
The networking was clearly the main feature of the event. The people from Ukraine's Gov Cyberdefence, Startups, European Gov representatives, and Global startups.
The event was a "Cybersecurity Networking Academy Award" winner.
What were the key topics for me?
1. AI is coming everywhere, and Cybersecurity is not an exception.
Hackers and red teams are using AI to find bugs; defenders and cybersecurity vendors are using AI to defend. If you or your company are not using AI to find bugs or defend against them, you will become outdated and replaced very soon.
2. The cybersecurity community is growing day by day.
The demand for cybersecurity professionals is at an all-time high; companies that haven't done cyber before, such as SHERIFF, are now entering the market to defend not only security but also cybersecurity, as this is an inseparable element of privacy and safety nowadays. The wars start with cyber reconnaissance. The power grids, hospitals, schools, and businesses got attacked in the cybersecurity field. It's easier to apply, and it is not a head-on conflict as in physical space; it is abused a lot.
3. People are the weakest link in your cybersecurity chain (as it always has been).
Global companies and governments got hacked because someone installed some suspicious Chrome spyware that stole the password to a corporate or gov account. People click on phishing links, not even knowing what they are or that there are emails, links, and attachments that should never be opened. Educate, educate, and then repeat. Regular cybersecurity speaking corners and mini-courses are a must nowadays. It's not just about your company's privacy and security; it's about your personal privacy and security, too.
4. Ukraine is outpacing Europe in cyberspace.
Cybersecurity companies and professionals from Ukraine are growing fast, and government agencies are strong and cyber-resilient. Ukraine is already outpacing Europe in cyberspace, and is catching up to the United States very quickly. The professionals from Ukraine are in demand, and the companies are ready to pay top dollar for their experience.
Have you been to the event? What stood out to you?
@securediary
Would you join a workshop like this?
Security Architecture in Practice: From Attacks to System Defense - How to Think like a Senior/Architect.
Anonymous Poll
74%
23%
5%
5%
Your topic (in comments)
Pentagon just labeled one of the world's top AI vendors a "supply chain risk," what does that make your enterprise AI strategy?
Secretary of Defense Pete Hegseth just advised the United States Department of War to officially label Anthropic as a supply chain risk.
This is a huge wake-up call for everyone in the industry.
We're moving past the days when "AI is cool" and heading straight into "AI is a major third-party risk."
Right now, corporate developers are hardwiring third-party AI models into production environments without a second thought. The "SolarWinds of AI" won't look like a traditional network breach - it will look like a compromised model or coding assistant quietly stealing your ideas and hard work.
Ironically, a couple of days prior, severe RCE and API key theft flaws were patched in Claude Code.
The lines between vendor risk, AI risk, and traditional AppSec have blurred.
Analyze your AI risks diligently, or pay with your company's reputation.
Are you using AI for your work?
For the #CyberMonday News and CVE alert, see the first comment.
@securediary
TV Show: Burnt out and happy
Julia: Vlad, tell me how your day passes?
Vlad: Nothing special, I wake up at 5 am, then I work till 12 pm on the first full-time, then from 12 pm till 8 pm on the second full-time, and after 8 pm, that is it. I rest.
Julia: Oh, finally, after 8 pm, you have rest?
Vlad: No, I mean after 8 pm, I have a quick part-time job, a couple of tasks done, and $100 in your pocket.
Resonates with you?
@securediary