Archive - RockCyber Musings

Weekly Musings Top 10 AI Security Wrapup: Issue 27 January 9, 2026 - January 15, 2026

Deepfakes are Front and Center. Agentic AI Rewrites the Threat Model: 87% See AI Vulnerabilities as Fastest-Growing Risk

12 hrs ago • Rock Lambros

AI Attacker Advantage Is a Myth Built on Bad Success Criteria

First controlled study proves defensive AI outperforms offense at p=0.0193. Learn why success criteria manipulation changes everything for security…

Jan 13 • Rock Lambros

Weekly Musings Top 10 AI Security Wrapup: Issue 26 January 2, 2026 - January 8, 2026

NIST Wants Your Input on Agentic AI Security, n8n Gets a CVSS 10.0 Wake-Up Call, and Attackers Keep Finding New Ways to Poison the AI Supply Chain

Jan 9 • Rock Lambros

NIST IR 8587 Token Security: The Holiday Guidance You Missed

NIST dropped critical token security guidance Dec 22. Learn what IR 8587 requires for key rotation, validation, and the AI agent gap NIST missed…

Jan 6 • Rock Lambros

Weekly Musings Top 10 AI Security Wrapup: Issue 25 December 19, 2025 - January 1, 2026

Holiday Edition: Critical Vulnerabilities, New Government Centers, and the Reality of Agentic Risks

Jan 2 • Rock Lambros

December 2025

NIST’s New Cyber AI Profile: A Solid Foundation with Critical Gaps Your Security Team Can’t Ignore

NIST's Cyber AI Profile maps AI security to CSF 2.0. Here's what it covers, where it falls short on agentic AI, and how OWASP fills the gaps.

Dec 30, 2025 • Rock Lambros

Why Do Boards Ignore Your Cyber Risk Reports? NIST IR 8286r1 Has the Fix

Inside the revision that puts a 38% loss probability in front of your board

Dec 23, 2025 • Rock Lambros

Weekly Musings Top 10 AI Security Wrapup: Issue 24 December 12, 2025 - December 18, 2025

How AI IDEs, Federal Power Plays, and Deepfake Fraud Are Redefining Your 2026 Security Roadmap

Dec 19, 2025 • Rock Lambros

White House Issues Executive Order – Ensuring a National Policy Framework for Artificial Intelligence

Federal Preemption, State Enforcement, and What AI Governance Means for Your Business in 2026 - By Daniel Pietragallo and Rock Lambros

Dec 16, 2025 • Rock Lambros

Weekly Musings Top 10 AI Security Wrapup: Issue 23 December 5, 2025 - December 11, 2025

GPT Agents, Black Hat London, And The Week Agentic AI Got A Rulebook

Dec 12, 2025 • Rock Lambros

It's Here!!! The OWASP Top 10 for Agentic Applications Just Dropped. What you need to know.

Deep dive into the new OWASP Top 10 for Agentic Applications covering AI agent security risks, attack scenarios, and practical mitigations for…

Dec 10, 2025 • Rock Lambros

React2Shell CVE-2025-55182: What I Learned Battling This Beast for a Week

This recovering CISO shares hard-won lessons hunting React2Shell CVE-2025-55182. Why your SIEM missed it, evolving IOCs, and AWS detection approaches…

Dec 9, 2025 • Rock Lambros

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts