Links
AddFour related algorithms are now ready for use to protect data created and transmitted by the Internet of Things and other electronics
The examples use off-the-shelf commercial technologies, giving organizations valuable starting points
Nobl9 has released an open specification for defining SLOs and, in addition, has defined a repeatable SLO methodology.
OS-enforced capability sandbox for running untrusted AI agents. No escape hatch. Works with Claude, GPT, and any AI agent.
There is a need to evaluate the effectiveness of non-pharmacological treatment options to guide Australian clinicians and people with ADHD when choosing appropriate evidence-based intervention options.
My day was completely ruined yesterday when I stumbled upon a fun fact that absolutely obliterated my mind. I saw this tweet yesterday that said that not everyone has an internal monologue in their head. All my life, I could hear my voice in my head and speak in full sentences as if I wasโฆ
Update: The date for closing down the Ubuntu 20 image has changed to April 15. The following post has been updated to reflect this change. Ubuntu-latest upcoming breaking changes Weโฆ
Notion AI is susceptible to data exfiltration via indirect prompt injection due to a vulnerability in which AI document edits are saved before user approval.
In the first of a new series focusing on DevOps monitoring tools, we review the various types of system observability tools.
Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be
In the final section of my series on creating a comprehensive security program around Docker [https://nullsweep.com/building-a-docker-security-program], I'll be looking at some ideas and best practices around patching running containers.
In the previous articles, I talked about running static analysis on containers [https://nullsweep.com/docker-static-analysis-with-clair] and rolling
Hmmm ... I'm not sure about this. It's interesting, but I'm not yet convinced about it's place.
Observability 2.0 centers around โwide events,โ breaking down the silos between metrics, logs, and traces. This article outlines the core ideas and technical challenges of this new paradigm, and introduces how GreptimeDB, a native open-source database for wide events, provides a unified and efficient foundation for next-gen observability platforms.
Odoo. Open Source Apps To Grow Your Business. Contribute to odoo/odoo development by creating an account on GitHub.
On April 21, 2026, a major breakthrough in cybersecurity happened: leading standardization initiatives gathered in Washington DC and agreed to begin coordinating collectively on AI security. A personal dream come true. The result: MOSAIC: Multi-Organization Secure AI Coordination. The goal: turn a fragmented landscape into clear, consistent standards and guidelines, to deal with the mounting risks of AI.
This important step was taken at the AI Security Policy Forum, organised and led by the OWASP AI Exchange, with SANS Institute as co-host - convening standard makers and policy stakeholders.
The initiatives at the table included: ๐ BIML (Berryville Institute of Machine Learning) ๐ Center for Internet Security (CIS) ๐ Cloud Security Alliance (CSA) ๐ Coalition for Secure AI (CoSAI) ๐ National Institute of Standards and Technology (NIST) ๐ OWASP AI Exchange (AIX) ๐ OWASP GenAI Security Project ๐ SANS Institute
The group agreed that it is now more important than ever to coordinate around the rapidly evolving possibilities and challenges of AI, as AI security risks mount.
One of the next steps is to provide a standardized map of the participating initiatives and a communication platform to exchange insights on a first list of identified topics (e.g., aligning with other initiatives such as SC42, building on OpenCRE, consensus on definitions), improve consistency, clarity, quality, and prevent unnecessary duplication. The idea is to move fast while maintaining independence and with lightweight coordination - not add more committees.
In addition to the organizations mentioned, the discussion also included journalists, representatives from International Telecommunication Union (ITU), The Aspen Institute, academia, and government โ providing valuable perspectives on developments in both policy and industry. This helped prioritize the topics to focus on.
In the picture, from left to right, standing to sitting: Disesdi Shoshana Cox (AIX), Gary McGraw(BIML), Rob van der Veer (AIX), Anonymous, Duncan Sparrell, John Yeoh (CSA), Rock Lambros (GenAI), Norma Krayem, Brian Calkin (CIS), Matt Altomare (Aspen), Omar Santos (CoSAI), Aruneesh Salhotra (AIX), Jonathan Gibson (The Dispatch), Apostol Vassilev (NIST), Rhea Nygard, Ken Huang, Lav Varshney (Stony Brook University), Sounil Yu, and Sharon Goldman (Fortune)
Not in the picture, but involved, in alphabetical order: Rob T. Lee (SANS), Ryan Galluzzo (NIST), Soribel F.
A big thank you to: ๐ Disesdi Shoshana Coxย for her idea to bring everybody together in a room to fulfil the connecting mission of the Exchange ๐ The amazing thinktank at the AI Exchange ๐ Spyros Gasteratos for his work on OpenCRE ๐ Violeta Klein, CISSP, CEFA for shaping the story for the Forum ๐ Straiker, Casco (YC X25), AI Security Academy, and SANS for supporting the Forum. ๐ Software Improvement Group for donating the original threat model and initiating the AI Exchange
Letโs make AI a success! | 28 comments on LinkedIn
Download once:radix for free. once:radix is a Rapid Application Development system for Intranet and eXtranet environments. Create advanced database-driven web applications that require no expertise in the underlying technologies.
The original Macross Valkyrie action figure is being re-released and upgraded for modern collectors, with the toy foreshadowing a major occasion.