Welcome to CYBER_AI, a new newsletter from the Packt team focusing on—well, exactly what it says on the tin: cybersecurity in the age of AI.

This time, we're taking a bold step: a step into the world of teaching in a world where we're all still figuring it out. A scary prospect, to say the very least. As we are beginning this newsletter from the ground up, we are taking things all the way back to the very simplest questions that crop up when we ask "what is Cyber AI?" For a look into the future, here's our plan:

1. What “Cybersecurity AI” Actually Means

2. Machine Learning 101 for Security Professionals

3. Threat Detection with AI: From Rules to Models

4. Adversarial Machine Learning Basics

5. LLMs in Cybersecurity: Capabilities and Limitations

6. Securing AI Models and Pipelines (AI Supply Chain Security)

7. AI-Enhanced Offensive Techniques

8. Privacy and Data Protection in AI Systems

9. AI Governance, Ethics, and Risk Management

10. Building a Security-Aware AI Workflow

Sound good? Head over to Substack and sign up there!

In this newsletter, we’ll explore how AI is transforming cybersecurity—what’s new, what’s next, and what you can do to stay secure in the age of intelligent threats.

Welcome aboard! The future of cyber defence starts here.

Cheers!
Austin Miller
Editor-in-Chief

Build and fine-tune your own LLMs and Agents and deploy them in production with workshops on MCP, A2A, Context Engineering, and many more.

Disrupting the first reported AI-orchestrated cyber espionage campaign: "We recently argued that an inflection point had been reached in cybersecurity: a point at which AI models had become genuinely useful for cybersecurity operations, both for good and for ill. This was based on systematic evaluations showing cyber capabilities doubling in six months; we’d also been tracking real-world cyberattacks, observing how malicious actors were using AI capabilities. While we predicted these capabilities would continue to evolve, what has stood out to us is how quickly they have done so at scale."

Hard drives on backorder for two years as AI data centers trigger HDD shortage — delays forcing rapid transition to QLC SSDs: The race to achieve AGI (artificial general intelligence) has pushed constituents to invest in and build data centers at a pace far outstripping our ability to make them. Manufacturers are struggling to keep up with AI demand, and theongoing DRAM shortageis proof of this, with memory kits costing more than double what they did just a few months ago. Now,DigiTimesis reporting that storage is taking a hit, too, with delivery times forenterprise-grade HDDs delayed by two years.

Prompt Injection in AI Browsers:This is why AIs are not ready to be personal assistants: A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar. In a realistic scenario, no credentials or user interaction are required and a threat actor can leverage the attack by simply exposing a maliciously crafted URL to targeted users.

Introducing SlopStop: Community-driven AI slop detection in Kagi Search: "AI slop is deceptive or low-value AI-generated content, created to manipulate ranking or attention rather than help the reader. Per ourAI integration philosophy, we’re not against AI tools that enhance human creativity. But when it includes fake reviews, fabricated expertise, misinformation, content farms designed purely for profit rather than value, and systems that seek to replace genuine human insight and connection, we know it’s hurting us, and we take it upon ourselves to act."

Can we bootstrap AI Safety despite being unable to even define it?: Many approaches to AI safety rely on inspecting model outputs or activations, yet certain risks are inherently undetectable by inspection alone. We propose a complementary, architecture-agnostic approach that enhances safety through the aggregation of multiple generative models, with the aggregated model inheriting its safety from the safest subset of a given size among them.

Automating Algorithm Discovery: A Case Study in Transaction Scheduling: "Transactions are a cornerstone of modern data stores, offering guarantees that simplify development under concurrent data access for modern applications. Their wide adoption by industry databases highlights their importance. However, modern applications pose new hurdles for supporting these semantics. Driven by massive data growth and new use cases such as AI agents, storage systems face unprecedented data volume and scale."

“Generative AI revolution in cybersecurity: a comprehensive review of threat intelligence and operations”: This paper surveys how generative AI (GenAI) is transforming cybersecurity — especially in threat intelligence, automated operations, and attack simulation. It discusses how generative models can be used defensively (e.g., synthesizing threat data, automating incident response) but also warns of adversarial use. The review covers existing architectures, use-cases, risks, and future research directions.

“Artificial intelligence and machine learning in cybersecurity: a deep dive into state-of-the-art techniques and future paradigms”: This is a broad, in-depth survey of AI and ML techniques applied to key cybersecurity areas like intrusion detection, malware classification, behavior analysis, and threat intelligence. It also outlines future paradigms, challenges (e.g., adversarial ML, explainability), and research gaps.

“Towards Explainable and Lightweight AI for Real-Time Cyber Threat Hunting in Edge Networks” (Milad Rahmati): This is a preprint (arXiv) proposing an AI framework for detecting cyber threats in edge networks (i.e., resource-constrained devices). The core idea is to combine interpretable machine learning (e.g., decision trees) with lightweight deep learning and federated learning, to achieve real-time threat hunting while preserving transparency and low computational cost.

“Adaptive Cybersecurity: Dynamically Retrainable Firewalls for Real-Time Network Protection” (Sina Ahmadi): Another preprint. This work introduces the concept of dynamically retrainable firewalls — firewall systems that use continual or reinforcement learning to retrain in real time as network traffic evolves. It discusses the architecture, latency/resource tradeoffs, integration with zero-trust models, and future risks including adversarial attacks and ethical/regulatory concerns.

“Organizational Adaptation to Generative AI in Cybersecurity: A Systematic Review” (Christopher Nott): This systematic review studies how cybersecurity organizations (e.g., in finance, critical infrastructure) are restructuring processes and governance to integrate generative AI. It identifies patterns such as LLM integration for threat modeling, risk automation, and hybrid human–AI operations. It also explores challenges: data quality, explainability, adversarial attacks, and building governance frameworks.

“A cybersecurity AI agent selection and decision support framework” (Masike Malatji): This recent preprint proposes a framework to help organizations choose what kind of AI “agent” (reactive, cognitive, hybrid, learning) to deploy, aligned with the NIST Cybersecurity Framework (CSF 2.0). It maps properties like autonomy, learning, and responsiveness to NIST CSF functions. It recommends different autonomy levels (assisted, augmented, fully autonomous) depending on maturity and risk.