Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This post is based on Mackenzie's conversation with Noora Ahmed-Moshe on The Secure Disclosure podcast. Listen to the full episode. A company lost a million dollars because someone on a litigation call ran an AI note-taker. As behavioral scientist Noora Ahmed-Moshe explains on the podcast, the tool summarized a confidential conversation and sent it to the opposing party, who used it to force a settlement on their terms.

Groups behind these operations actively watch online platforms for talent. When they spot someone with advanced skills, they reach out, posing as peers and offering access to tools, techniques, and a share of the profits.

The Model Context Protocol (MCP) is a de facto standard for providing structured access to privileged systems for AI agents and external integrations. It acts as a USB-C port for AI, enabling faster innovation by allowing organizations to expose tools, resources, and workflows without the time-consuming work of building APIs. Adoption has surged in recent months, and categories like payments, project management, and developer platforms are already beginning to reap the benefits.

A platform team finishes a two-week observation window on a new internal research agent. The baseline is stable; the sensor produced a clean profile. By Friday, no policy has shipped — and the blocker isn’t tooling.

Dirty Frag (comprising CVE-2026-43284 and CVE-2026-43500) is a high-impact Linux kernel vulnerability chain that enables deterministic, reliable local privilege escalation (LPE) to root across major enterprise distributions. Unlike previous race-condition exploits, this logic flaw in the IPsec ESP and RxRPC subsystems offers a near 100% success rate, allowing attackers to escalate from a minor foothold to full system control without triggering typical kernel panics.

A critical vulnerability in Ollama allows unauthenticated attackers to extract the entire process memory of exposed servers using just three API calls. Tracked as CVE-2026-7482 and nicknamed Bleeding Llama, the vulnerability puts roughly 300,000 internet-facing servers at risk. Ollama is the most widely used open-source platform for running large language models locally, with over 170,000 GitHub stars and 100 million Docker Hub downloads.

Data breaches happen every day, so companies need to prioritize data security to protect sensitive data and ensure compliance. Data Loss Prevention (DLP) in Office 365 is a powerful tool that finds, monitors, and protects sensitive data across Microsoft 365 services. This helps improve the security posture of an organization. Office 365 DLP helps businesses keep sensitive data from being shared or exposed without permission.