Needle this week: 60/40, Risk
For 25 years, cybersecurity has been asking when adversaries would operationalize AI. Google Threat Intelligence answered this week: now. The first AI-developed zero-day exploit was disrupted before mass deployment. Disrupted, not prevented. On the same Monday, Anthropic's Mythos Preview detected and stopped a $1.5 million wire fraud at a Project Glasswing partner bank.
Defenders and attackers got the same capability in the same news cycle. The needle moves toward Risk because the offense compounds faster than the defense scales. The defense wins specific cases. The offense changes the baseline.

On the channel

The biggest gap between people who get useful answers from AI and people who do not is not the model. It is the prompt. Ep 8 walks the RCTF framework, Role, Context, Task, Format, with live before-and-after demos: same AI, same task, restructured prompt, dramatically better output. The framework is free. Most people are not using it.

The fastest way to tell whether something was written by AI is to read it aloud. If it does not sound like a human talking, it is not. Ep 9 covers the give-away patterns, em-dashes in every paragraph, "delve," "tapestry," the three-noun reflex, and the four risks most people are not pricing when they outsource writing to AI: skill atrophy, credibility cost on cover letters and LinkedIn, citation laundering through agentic research mode, and data leakage to public LLMs. Steven the lawyer from Ep 3 returns as the extreme version of the credibility cost.

Worth your attention

Three items from this week. Not on the channel.

1. Google Threat Intelligence: first AI-developed zero-day exploit, disrupted before mass deployment. GTIG identified a criminal group using an LLM to weaponize a previously unknown 2FA bypass in an open-source admin tool. The exploit's structure, educational docstrings, a hallucinated CVSS score, textbook Python format, gave it away.

Why it matters: The era of AI-assisted exploit development is here. Boards that have not asked their CISO about it should ask this week. Read the GTIG report →

2. EU AI Act Omnibus: the August 2 deadline is gone. Council and Parliament reached provisional agreement May 7. High-risk Annex III now applies December 2, 2027. Annex I (regulated products) applies August 2, 2028. But the Article 50 watermarking and transparency deadline got compressed to December 2, 2026, three months, not six.

Why it matters: If your AI Act readiness plan was anchored to August 2, the plan is wrong. The nearest binding date is now December 2, 2026, and it is about synthetic content disclosure. The high-risk relief is real. The watermarking pressure just got tighter. Council press release →

3. Anthropic Mythos Preview prevented a $1.5M wire fraud at a Glasswing partner bank. Mythos detected the pattern after a threat actor compromised a customer email account and made a spoof phone call to authorize the wire. The bank is a Project Glasswing partner running Mythos in production for cyber verification.

Why it matters: Agentic AI in defense stopped being theoretical this week. The defenders are shipping the same class of capability the adversaries just demonstrated. The next 12 months are about which side scales faster. Anthropic announcement →

Nine in ten CEOs announcing AI-driven layoffs run companies whose AI capability is nowhere near mature, per Forrester. Gartner expects half of customer-service cuts citing AI to result in rehires by 2027. Carnegie Mellon's benchmark for autonomous workplace task completion sits at 24%. The numbers are public. These are not mistakes of information. They are mistakes of governance.

The same pattern recognition that built modern cybersecurity governance applies to AI. If the function lives in a department, the risk does not get governed at the level where the decisions are made.

Forward this to one person who should be reading it!

— Fredrik

Keep reading