Featured Issues

We're back—and completely different.#1: CYBER_AI TodayWe're back—and completely different.Welcome to CYBER_AI, a new newsletter from the Packt team focusing on—well, exactly what it says on the tin: cybersecurity in the age of AI.The world of cybersecurity is changing fast—and artificial intelligence is leading the charge. Every day, new tools powered by AI are helping defenders spot threats faster, protect data smarter, and stay one step ahead of attackers. But the same technology that helps protect us can also be used by hackers to launch more advanced, more convincing attacks.That’s why understanding the mix of AI and security is more important than ever. From detecting phishing emails in seconds to predicting weaknesses before they’re exploited, AI is reshaping what it means to stay safe online. At the same time, trusted ideas like Zero Trust—the principle that no one and nothing should be trusted by default—are becoming even more critical. In a world where AI can fake voices, write code, or slip past simple security checks, Zero Trust provides a steady foundation: always verify, always question, always protect.Join us on Substack to find our bonus articles!In this newsletter, we’ll explore how AI is transforming cybersecurity—what’s new, what’s next, and what you can do to stay secure in the age of intelligent threats.Welcome aboard! The future of cyber defence starts here.Cheers!Austin MillerEditor-in-ChiefLLMs and Agentic AI In Production - Nexus 2025Build and fine-tune your own LLMs and Agents and deploy them in production with workshops on MCP, A2A, Context Engineering, and many more.Book now at 50% off with the code CYBER50News Wipe“Beware of double agents: How AI can fortify — or fracture — your cybersecurity”: This article explores how autonomous “agentic” AI systems can both strengthen and undermine cybersecurity. Microsoft emphasises that organisations must manage AI identities using Zero Trust principles—continuous verification, least privilege, and micro-segmentation. The piece highlights practical ways to secure AI agents as part of enterprise defence.“Zscaler Acquires AI Security Company SPLX”: Zscaler announced its acquisition of SPLX, an AI security firm, to integrate AI asset discovery, red-teaming, and governance into the Zscaler Zero Trust Exchange platform. The move marks a concrete step toward extending Zero Trust security models to cover AI systems and workflows.“Trend Micro Launches End-to-End Protection for Agentic AI Systems”: Trend Micro, in collaboration with NVIDIA, unveiled a new security framework that combines Zero Trust enforcement with AI-native threat detection for what it calls “AI factories.” The launch represents a practical evolution of Zero Trust from human and device access control to full AI system protection.“How low code can give agentic AI guide rails for the enterprise”: This feature examines how enterprises are using low-code and no-code platforms to deploy AI securely. It discusses how organisations can establish governance and Zero Trust-inspired guardrails for AI agents, ensuring safe interaction with data and systems.“AI Security: Defining and Defending Cybersecurity’s Next Frontier”: SentinelOne provides a deep dive into how organisations are adapting cybersecurity frameworks to AI-driven environments. The article focuses on embedding threat modelling, securing AI workflows, and applying Zero Trust strategies to protect AI infrastructures from both misuse and attack.Culture, You, and AIFaking Receipts with AI: Over the past few decades, it’s become easier and easier to create fake receipts. Decades ago, it required special paper and printers—I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized, and faking them required some artistic skills to make the page look realistic. Now, AI can do it all.Rigged Poker Games: The Department of Justice has indicted thirty-one people over the high-tech rigging of high-stakes poker games.In a typical legitimate poker game, a dealer uses a shuffling machine to shuffle the cards randomly before dealing them to all the players in a particular order. As set forth in the indictment, the rigged games used altered shuffling machines that contained hidden technology allowing the machines to read all the cards in the deck. Because the cards were always dealt in a particular order to the players at the table, the machines could determine which player would have the winning hand. This information was transmitted to an off-site member of the conspiracy, who then transmitted that information via cellphone back to a member of the conspiracy who was playing at the table, referred to as the “Quarterback” or “Driver.” The Quarterback then secretly signaled this information (usually by prearranged signals like touching certain chips or other items on the table) to other co-conspirators playing at the table, who were also participants in the scheme.Scientists Need a Positive Vision for AI: For many in the research community, it’s gotten harder to be optimistic about the impacts of artificial intelligence. As authoritarianism is rising around the world, AI-generated “slop” is overwhelming legitimate media, while AI-generated deepfakes are spreading misinformation and parroting extremist messages. AI is making warfare more precise and deadly amidst intransigent conflicts. AI companies are exploiting people in the global South who work as data labelers, and profiting from content creators worldwide by using their work without license or compensation. The industry is also affecting an already-roiling climate with its enormous energy demands.AI Summarization Optimization: These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importance of what is said. If it becomes necessary to revisit the facts of the meeting, its summary is treated as impartial evidence. But clever meeting attendees can manipulate this system’s record by speaking more to what the underlying AI weights for summarization and importance than to their colleagues. As a result, you can expect some meeting attendees to use language more likely to be captured in summaries, timing their interventions strategically, repeating key points, and employing formulaic phrasing that AI models are more likely to pick up on. Welcome to the world of AI summarization optimization (AISO).From the cutting edgeArtificial intelligence and machine learning in cybersecurity: a deep dive into state-of-the-art techniques and future paradigms from Knowledge and Information Systems, Vol. 67: This open-access review paper surveys the integration of AI/ML into cybersecurity, covering intrusion detection, malware classification, behavioural analysis and threat intelligence. It highlights the shift from traditional defence mechanisms to AI-driven ones, discusses technique categories and outlines future directions and gaps in research (such as adversarial robustness and real-time deployment).Generative AI revolution in cybersecurity: a comprehensive review of threat intelligence and operations from Artificial Intelligence Review, Vol. 58: This review focuses specifically on how generative AI (GenAI) is both a tool and a threat in cybersecurity operations. It explores how GenAI is being used for threat-intelligence generation, automating response operations, as well as how adversaries may use GenAI to automate attacks. The paper provides a detailed taxonomy of use-cases, implications for security operations centres (SOCs), and open issues (e.g., model abuse, data integrity).Strategic Management of AI-Powered Cybersecurity Systems: A Systematic Review (A. Wairagade) from Journal of Engineering Research and Reports, Vol 27 (8): This systematic review synthesises 87 peer-reviewed papers (2015-2024) on how organizations strategically manage AI-based cybersecurity systems. It identifies key themes including AI algorithms for threat detection, governance & risk management, organisational integration issues, ethical/legal concerns and scalability. The paper argues for proactive strategies (human-AI collaboration, governance frameworks, continual learning) to get maximum benefit from AI in cyber defence.Organizational Adaptation to Generative AI in Cybersecurity: A Systematic Review (C. Nott): This qualitative study examines how cybersecurity organisations are adapting to the integration of generative AI (GenAI). Based on analysis of 25 studies (2022-2025), it identifies three adaptation patterns: (1) LLMs integrated for security applications, (2) GenAI frameworks for automated detection/response, and (3) AI/ML-based threat-hunting workflows. The study highlights factors influencing readiness (maturity, regulation, workforce) and persistent challenges (data quality, bias, adversarial threats).*{box-sizing:border-box}body{margin:0;padding:0}a[x-apple-data-detectors]{color:inherit!important;text-decoration:inherit!important}#MessageViewBody a{color:inherit;text-decoration:none}p{line-height:inherit}.desktop_hide,.desktop_hide table{mso-hide:all;display:none;max-height:0;overflow:hidden}.image_block img+div{display:none}sub,sup{font-size:75%;line-height:0} @media (max-width: 100%;display:block}.mobile_hide{min-height:0;max-height:0;max-width: 100%;overflow:hidden;font-size:0}.desktop_hide,.desktop_hide table{display:table!important;max-height:none!important}}

Exploring Unit 42's findingsSecuring the Autonomous Enterprise: From Observability to ResilienceCurrent security stops at passive observation. Rubrik Agent Operations is the enterprise platform that unifies observability, governance, and recoverability for AI.Join us on November 12th to discover how Rubrik is leveraging its leadership in cyber resilience to protect your autonomous future.Save My Spot#223: Digging into Social Engineering, part 3Welcome to another_secpro!This week, we're back into social engineering - this time, exploring “missed or misclassified critical signals” with Unit 42. If you've missed our other investigations, then check them out here, here and here.Check out _secpro premiumIf you want more, you know what you need to do: sign up to the premium and get access to everything we have on offer. Click the link above to visit our Substack and sign up there!Cheers!Austin MillerEditor-in-ChiefDon't miss out!This week's articleUnit 42 on “Missed or Misclassified Critical Signals”In their latest research, Unit 42 explains that many social engineering attacks don’t need advanced hacking tools. Instead, they work because of three main weaknesses: low detection coverage, alert fatigue, and organisational failures.Check it out todayNews BytesGTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools (Google Threat Intelligence Group): A deep technical analysis detailing how adversaries are now embedding generative AI and LLMs into malware and intrusion workflows. The report highlights real-world examples such as “PROMPTFLUX” and “PROMPTSTEAL,” which use AI for obfuscation, adaptive phishing, and command generation, marking a turning point toward autonomous, AI-powered attack operations.CYFIRMA Intelligence Report (CYFIRMA Research and Advisory Team): A comprehensive weekly update covering underground forum chatter, ransomware evolution, and exploitation trends. It documents “Monkey Ransomware,” details TTPs aligned to MITRE ATT&CK (execution via native API, process injection, defense evasion), and lists key vulnerabilities like CVE-2025-61932 in Lanscope Endpoint Manager.CYFIRMA's Analysis of the Monkey Ransomware (CYFIRMA Research): A detailed teardown of the newly observed “Monkey” ransomware variant. It appends a “.monkey” extension, deletes backups, and uses reflective code loading and service creation for persistence. The report provides full TTP mapping, IOCs, and mitigation guidance, suggesting active campaigns targeting APAC organizations.Rigged Poker Games - "The Department of Justice has indicted thirty-one people over the high-tech rigging of high-stakes poker games: In a typical legitimate poker game, a dealer uses a shuffling machine to shuffle the cards randomly before dealing them to all the players in a particular order. As set forth in the indictment, the rigged games used altered shuffling machines that contained hidden technology allowing the machines to read all the cards in the deck. Because the cards were always dealt in a particular order to the players at the table, the machines could determine which player would have the winning hand."Signal’s Post-Quantum Cryptographic Implementation - "Signal hasjust rolled out its quantum-safe cryptographic implementation.Ars Technicahas areally good article with details: Ultimately, the architects settled on a creative solution. Rather than bolt KEM onto the existing double ratchet, they allowed it to remain more or less the same as it had been. Then they used the new quantum-safe ratchet to implement a parallel secure messaging system."Into the blogosphere...AWS to Bare Metal Two Years Later: Answering Your Toughest Questions About Leaving AWS: "When we publishedHow moving from AWS to Bare-Metal saved us $230,000 /yr.in 2023, the story travelled far beyond our usual readership. The discussion threads onHacker NewsandReddit were packed with sharp questions: did we skip Reserved Instances, how do we fail over a single rack, what about the people cost, and when is cloud still the better answer? This follow-up is our long-form reply."Free software scares normal people: "I’m the person my friends and family come to for computer-related help. (Maybe you, gentle reader, can relate.) This experience has taught me which computing tasks are frustrating for normal people."What We Talk About When We Talk About Sideloading: "It bears reminding that “sideload” is a made-up term. Putting software on your computer is simply called “installing”, regardless of whether that computer is in your pocket or on your desk. This could perhaps be further precised as “direct installing”, in case you need to make a distinction between obtaining software the old-fashioned way versus going through a rent-seeking intermediary marketplace like the Google Play Store or the Apple App Store."Aggressive bots ruined my weekend: "On the 25th of October Bear had its first major outage. Specifically, the reverse proxy which handles custom domains went down, causing custom domains to time out. Unfortunately my monitoring tool failed to notify me, and it being a Saturday, I didn't notice the outage for longer than is reasonable. I apologise to everyone who was affected by it. First, I want to dissect the root cause, exactly what went wrong, and then provide the steps I've taken to mitigate this in the future."The bug that taught me more about PyTorch than years of using it:My training loss plateaued and wouldn’t budge. Obviously I’d screwed something up. I tried every hyperparameter combination, rewrote my loss function, spent days assuming I’d made some stupid mistake. Because it’s always user error. This time, it wasn’t. It was a niche PyTorch bug that forced me through layers of abstraction I normally never think about: optimizer internals, memory layouts, dispatch systems, kernel implementations. Taught me more about the framework than years of using it.What Happened To Running What You Wanted On Your Own Machine?: When the microcomputer first landed in homes some forty years ago, it came with a simple freedom—you could run whatever software you could get your hands on. Floppy disk from a friend? Pop it in. Shareware demo downloaded from a BBS? Go ahead! Dodgy code you wrote yourself at 2 AM? Absolutely. The computer you bought was yours. It would run whatever you told it to run, and ask no questions. Today, that freedom is dying. What’s worse, is it’s happening so gradually that most people haven’t noticed we’re already halfway into the coffin.This week's academiaFrom Texts to Shields: Convergence of Large Language Models and Cybersecurity (Tao Li; Ya-Ting Yang; Yunian Pan; Quanyan Zhu): This paper explores how large language models (LLMs) are increasingly converging with cybersecurity tasks: from vulnerability analysis and network/5G security to generative security engineering. It looks both at how LLMs can assist defenders (automation, reasoning, security analytics) and how they introduce new risks (trust, transparency, adversarial use). The authors outline socio-technical challenges like interpretability, human-in-the-loop design, and propose a forward-looking research agenda for secure, effective LLM adoption in cybersecurity.Adversarial Defense in Cybersecurity: A Systematic Review of GANs for Threat Detection and Mitigation (Tharcisse Ndayipfukamiye; Jianguo Ding; Doreen Sebastian Sarwatt; Adamu Gaston Philipo; Huansheng Ning): This is a large scale systematic literature review (PRISMA-compliant) of how Generative Adversarial Networks (GANs) are being used in cybersecurity—both as attack vectors and as defensive tools—from January 2021 through August 2025. It identifies 185 peer-reviewed studies, develops a four-dimensional taxonomy (defensive function, GAN architecture, cybersecurity domain, adversarial threat model), shows publication trends, assesses the effectiveness of GAN-based defences, and highlights key gaps (training instability, lack of benchmarks, limited explainability). The authors propose a roadmap for future work.Securing the AI Frontier: Urgent Ethical and Regulatory Imperatives for AI-Driven Cybersecurity (Vikram Kulothungan): This paper examines the ethical and regulatory challenges that arise when AI is deeply integrated into cybersecurity systems. It traces historical regulation of AI, analyzes current frameworks (for example the EU AI Act), and discusses ethical dimensions such as bias, transparency, accountability, privacy, and human oversight. It proposes strategies to promote AI literacy, public engagement, and global harmonisation of regulatory approaches in the cybersecurity/AI domain.Neuromorphic Mimicry Attacks Exploiting Brain-Inspired Computing for Covert Cyber Intrusions (Hemanth Ravipati) This paper introduces a new threat class: “Neuromorphic Mimicry Attacks (NMAs)”. These attacks target neuromorphic computing systems (brain-inspired chips, spiking neural networks, edge/IoT hardware) by mimicking legitimate neural activity (via synaptic weight tampering, sensory input poisoning) to evade detection. The paper provides a theoretical framework, simulation results using a synthetic neuromorphic dataset, and proposes countermeasures (neural-specific anomaly detection, secure synaptic learning protocols).Towards Adaptive AI Governance: Comparative Insights from the U.S., EU, and Asia (Vikram Kulothungan; Deepti Gupta) This article offers a comparative analysis of how different regions (US, European Union, Asia) approach AI governance, innovation, and regulation—especially in cybersecurity/AI domains. It identifies divergent models (market-driven, risk-based, state-guided), explains tensions for international collaboration, and proposes an “adaptive AI governance” framework blending innovation accelerators, risk oversight, and strategic alignment.Asymmetry by Design: Boosting Cyber Defenders with Differential Access to AI (Shaun Ee; Chris Covino; Cara Labrador; Christina Krawec; Jam Kraprayoon; Joe O’Brien) This work proposes a strategic framework for cybersecurity defence by deliberately shaping access to AI capabilities (“differential access”) such that defenders have prioritized access or harder restrictions on adversaries. It outlines three approaches—Promote Access, Manage Access, Deny by Default—and gives example schemes of how defenders might leverage these in practice. It argues that as adversaries gain advanced AI, defenders must build architectural and policy asymmetries in their favour.*{box-sizing:border-box}body{margin:0;padding:0}a[x-apple-data-detectors]{color:inherit!important;text-decoration:inherit!important}#MessageViewBody a{color:inherit;text-decoration:none}p{line-height:inherit}.desktop_hide,.desktop_hide table{mso-hide:all;display:none;max-height:0;overflow:hidden}.image_block img+div{display:none}sub,sup{font-size:75%;line-height:0} @media (max-width: 100%;display:block}.mobile_hide{min-height:0;max-height:0;max-width: 100%;overflow:hidden;font-size:0}.desktop_hide,.desktop_hide table{display:table!important;max-height:none!important}.reverse{display:table;width: 100%;