Rufus Mellow
AI security & ML safety
Rufus came out of an alignment-research role to cover the security side of the AI boom — prompt injection, training-data poisoning, agent misuse, model-weight theft. Skeptical of both AI hype and AI doom.
Recent stories
Vulnerabilities
libssh2 Clients Get a Nasty Surprise: PoC Lands for CVE-2026-55200
A malicious SSH server can corrupt memory on any client built against libssh2 1.11.1 or earlier. No creds required.
Jun 29
Threat Intelligence
Russia's Signal Phishing Now Targets the Backup Recovery Key — and the Key Doesn't Expire
An FBI/CISA update says GRU-linked operators are coaxing victims into surrendering their Signal Backup Recovery Key, which yields full message history and durable account access.
Jun 26
Policy & Regulation
ICS Security's 25-Year Reunion Is Headed to Nashville
The Industrial Control Systems Cybersecurity Conference marks a quarter-century in October 2026, touching down at the W Nashville for three days of OT threat intelligence.
Jun 25
AI Security
Gaslight: A Rust macOS Stealer That Tries to Talk Your AI Analyst Out of Looking
The implant ships with an embedded prompt injection payload aimed at LLM-assisted reverse engineering tools — a small but telling escalation in adversarial UX.
Jun 25
Identity & Access
The Service Desk Is the New Phishing Inbox
Help desks keep getting talked out of MFA resets. The fix is less about training and more about treating identity verification like an auth protocol.
Jun 24
Opinion
When the Trigger Pulls Itself: Agentic AI and the End of the Human-in-the-Loop
Every weapon in history extended a human decision. Agentic systems are the first that try to replace it — and the security implications are not theoretical.
Jun 23
Ransomware
Double Trouble: Two Unrelated Attacks Thrive on Unpatched SharePoint
Microsoft DART uncovers dual intrusions on same server, complicating response efforts.
Jun 23
Threat Intelligence
ShinyHunters Doesn't Need Malware. That's the Point.
The group's latest breaches are a reminder that stolen credentials and patience beat zero-days most days of the week.
Jun 22
Vulnerabilities
Usbliter8: The iPhone Boot Exploit That Can't Be Patched
A proof-of-concept is now public for a hardware-level vulnerability that bypasses Apple's boot defenses on millions of iPhones — and there's no software fix coming.
Jun 22
AI Security
Zero Trust as the AI Control Plane: What Zscaler's Vienna Pitch Means for APAC CISOs
AI agents are joining the workforce whether security teams are ready or not. At Zenith Live 2026, Zscaler made its case for why zero trust should govern them the same way it governs humans.
Jun 22
Threat Intelligence
The Popa Botnet: When Your $40 Streaming Box Moonlights as a Residential Proxy
Researchers tie a four-year-old Android TV box botnet to NetNut, the residential proxy arm of NASDAQ-listed Alarum Technologies. The company disputes the framing.
Jun 18
Ransomware
INC Ransomware Fills the LockBit Vacuum, Racks Up 830+ Victims
Two years after a quiet debut, INC has graduated from boutique RaaS to one of 2026's busiest extortion brands — riding the affiliate exodus from LockBit and BlackCat.
Jun 18
AI Security
AI Breaks the Assumption Cybersecurity Was Built On
Modern security programs were engineered around deterministic systems. Agentic AI isn't one.
Jun 18
Policy & Regulation
Estonia Wants to Give AI Agents Government-Issued IDs — With Spelled-Out Permission Scopes
The Baltic nation's AI Council is proposing state-backed digital identities for AI agents, defining exactly what they're allowed to do before they touch your data or your bank account.
Jun 17
AI Security
Fifteen Rogue JetBrains Plugins Posed as DeepSeek Assistants to Siphon AI Keys
A coordinated campaign on the JetBrains Marketplace dressed up credential stealers as LLM-powered coding helpers. The payload? Your provider keys.
Jun 17