A slightly delayed episode of the weakly link. This time, we have a bit of a special outlook on the future in security to do with Quantum and AI. There were a couple of links that really caught my eye and could make a compelling case for usage of the phrase “everchanging landscape…” - stop it Gerald - this is not AI generated! Let’s start with the big announcement: Anthropic announced how their latest Mythos model was so good at vulnerability research that they decided to keep it from the unwashed masses and just give access to select organisations and call it Project Glasswing.

This week we have a look at the current chaos. Be it political or technical, we’re going through some radical changes. And I can’t help but think, if this is what progress looks like, oh crap. Supply Chain Chaos We start by having a look at an article by Ian about the Mad Emperor. No prizes for guess who is meant there. From the outside in, it really looks like there’s no plan or no idea about the kind of problems the attack on Iran is causing.

This week it gets all too depressing. We start by the fact that AI didn’t in fact change everything but just made it more important to do the right thing. How politicians may not have the right kind of understanding to make decisions that actually make sense. How one (orange) politician doesn’t understand how the world actually works and how we can all laugh and point at McKinsey for when they predicted how essential it was to go all in on the metaverse.

This week we’re looking at zero days, zero reason for wearing Meta Glasses, zero reason to like AI slop. Let’s dive in. Look What You Made Us Patch The Google Threat Intelligence Zero-Day review came out at the beginning of March and I thought it was interesting for a good few reasons: The number of zero days actively exploited looks to be fairly steady over the last few years Security and Networking technologies are about half of the enterprise-related targets.

This week we’re looking at how some of the traditional thinking on security (detect it, patch it, monitor it) is no longer quite cutting it. It is interesting how cyber threats have very much moved on from malware. In my opinion, the latest CrowdStrike threat report can be used to argue that security is not something that can be fixed by buying a shiny security tool. It’s not a technology problem, it’s a social (engineering) problem…

This weak we’re looking at supply chains. We look at how AI is both a blessing and a curse for open source, how there’s a new sandworm attacking the npm ecosystem, how de-Americanisation of cloud is not easy and we also learn about an exciting new Agile certification. Sarcasm may be involved. Semantic Ablation But let’s start with something that puts a name to that feeling you get when you read an AI-generated wall of text and at the end of it, you feel like there has been relatively little meaning in what you’ve just read.

This week we’re looking at the impact of drugs on viruses, drugs on AI models, drug-addled bot behaviour and how the mainstream is catching up with AI Agent concerns. Oh, and some badly-drawn horses. Drugs The first bit of news comes from over the pond, where it looks like the Trumpian regime is looking to piss away vaccine advances. Flu vaccines are saving millions of lives, and an improvement in efficacy would be a good thing.

This week, we’re having a bit of a wild west theme to the GenAI related links. There’s continuing hype around OpenClaw - though it looks more like a hangover than a party. We’ve also got some interesting use cases for GenAI that are directly not related to coding and we’ll end up with a cryptic warning from a siren. The Good I’d like to start off with a couple of links relating what is feasible with GenAI:

This was the week when the autonomous AI bots went a bit crazy and decided to burn tokens on social media. Moltbook is so hot it leaves behind molten agents. Well, no, stop there Gerald, people will start thinking you are using an LLM to do your writing. Of course, there’s a decent sprinkling of security issues where once again the usual suspects prove that security vendors are bad at securing software.

It’s been a busy week, hasn’t it. Fascism is on the rise and AI too. But it’s not all bad news… (touches earpiece) I’m receiving new information. Aaaanyway. This week we’re looking at mad and bad. We’re looking at how magic strings and parameter injection can be bad, how mad AI coding is and how bad people make me mad. Telnet? In 2026? First of all, we’re reminded that running old services can be rather dangerous.