One line from @AnthropicAI statement on the US government directive to suspend access to Fable 5 and Mythos 5 is interesting. "𝗧𝗵𝗲𝘀𝗲 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗮𝗹𝗹 𝗮𝗽𝗽𝗲𝗮𝗿 𝗿𝗲𝗹𝗮𝘁𝗶𝘃𝗲𝗹𝘆 𝘀𝗶𝗺𝗽𝗹𝗲" You DON'T call vulnerabilities simple. You rank them as critical, high, medium, low. You can call an exploit as simple. The other one is the use of the word "appear". Security is fairly deterministic in classification of vulnerabilities once a qualified professional has done proper analysis so the choice of the word "appear" is interesting as well.

One thing I can't quite wrap my head around the @AnthropicAI Fable 5 / Mythos 5 shutdown. Most jailbreaks can typically be mitigated fairly quickly once the underlying technique or pattern is understood. This is standard practice across frontier AI labs. Researchers report a jailbreak, the lab analyzes the technique, implements a mitigation (even if temporary), and then works on a more robust fix. Most major AI companies have dedicated teams, tooling, and well-established processes for handling exactly this type of issue. So when @awscloud researchers surfaced a jailbreak, the obvious question is: why not patch it, even as a temporary, defense-in-depth, compensating control kind of fix, and move on, while a longer-term solution was being developed? And if the issue was serious enough that AWS leadership ultimately felt compelled to raise concerns with the U.S. Federal Government, what happened before that point? From the outside, it appears less like a technical challenge and more like a breakdown in vulnerability disclosure and remediation coordination. Both sides disagree on whether there was anything to patch. Anthropic says the technique surfaced previously known, minor issues, was reproducible on other public models, and did not point to a flaw in Fable 5's safety systems. In cybersecurity, the expectation is usually that researchers and vendors work together to understand the issue, validate the findings, and deploy fixes before matters escalate. What makes this different from a normal disclosure is the escalation path. This did not run through coordinated disclosure. A major investor (@amazon is a major investor in Anthropic) reportedly took it directly to @USTreasury , and the model came down through export controls rather than a patch cycle. I'm curious whether others see this as primarily a technical issue, a process issue, a trust issue, or something else entirely. #AISecurity #AISafety #Anthropic #ClaudeAI #CyberSecurity #VulnerabilityDisclosure #AIGovernance #ResponsibleAI #ModelSecurity #TrustAndSafety #CISO #AIPolicy

🚀 Calling all students: the @Microsoft Student Ambassador program is open, and the 2026 version is built differently. No application. No interview. No gatekeeping. If you're a curious student in any discipline, you sign up, onboard, and start building. This is a global community of students who learn, lead, and grow together across AI, Cloud, Development, Cybersecurity, Data Science, and beyond. You don't need a coding background to start. You just need to be eager to learn and willing to help others do the same. What you get as you progress through Alpha, Beta, and Gold milestones: 🤖 Microsoft 365 Copilot access ☁️ $150/month in Azure credits 💻 Visual Studio Enterprise 📚 LinkedIn Learning and certification vouchers 🎁 Exclusive Ambassador swag 🌍 A global network and real leadership experience 🏅 A pathway toward Microsoft MVP If you want to turn potential into proof and build a track record that speaks for itself, this is one of the best free programs out there for students. 🔗 Get started: mvp.microsoft.com/studentamb… Tag a student who should see this. 👇 #MLSA #MicrosoftLearn #StudentAmbassador #AI #CloudComputing #Cybersecurity #DataScience #CareerGrowth #LearnBuildLead

The latest word on the street...the keyword here is "reportedly" Article link - thenextweb.com/news/amazon-j… I am doing a session on "Anthropic Claude Fable 5 & Claude Mythos 5 - A Real Primer For All" on Monday, June 15th 12 - 1 PM PDT which will have a lot of interesting tidbits like this. Don't miss it. Registration link - luma.com/tejas-e4j3

Most people assume that turning OFF training means their AI conversations aren't retained. That's not true. For consumer users of @AnthropicAI Claude (Free, Pro, and Max plans), conversations may still be retained for up to 30 days - even when you opt out of having your data used for model improvement. Let that sink in. Many users confuse: Model training, Data retention, Data deletion They are not the same thing. This is just one of many interesting facts I uncovered while researching the latest Anthropic Claude ecosystem. If you would like to know more, join us for this session: 🎭 Anthropic Claude Fable 5 & Claude Mythos 5 – A Real Primer For All 📅 Monday, June 15, 2026 ⏰ PM – PM PDT 🔗 Registration link - luma.com/tejas-e4j3 #Anthropic #ClaudeAI #AISecurity #Privacy #CyberSecurity #GenAI #AIGovernance #CISO #ArtificialIntelligence #DataPrivacy

Happening now at 12 PM PST, June 12th 2026 Career Warm Up for Cyber Professionals No one's job is safe, it is better to warm up than be caught unawares. First 30 mins I will share some tips (my Top 9 mistakes) and next 30 mins we will be discussing as a group on what is working and what is not working and sharing best practices luma.com/tejas-31bs

Announcing the 𝗧𝗲𝗷𝗮𝘀 𝗖𝘆𝗯𝗲𝗿 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗖𝗮𝗺𝗽𝘂𝘀 𝗔𝗺𝗯𝗮𝘀𝘀𝗮𝗱𝗼𝗿 Program 🎓⚡ We are bringing cybersecurity learning, mentorship, and career opportunities directly to university campuses, and we are looking for student leaders to make it happen. As a Tejas Campus Ambassador, you will: 🔹Represent Tejas at your university and host campus events 🔹Get direct mentorship from CISOs and security leaders 🔹Receive free General Membership ($150 value) plus early access to events and hackathons 🔹Earn a certificate, LinkedIn recommendation, and recognition across Tejas channels Open to BS/MS students in Cybersecurity, Computer Science, or related fields at US and international universities. We select a limited number of ambassadors per region each semester, and applications are reviewed on a rolling basis. 𝗔𝗽𝗽𝗹𝘆 𝗵𝗲𝗿𝗲: docs.google.com/forms/d/e/1F… If you are a professor, CISO, or security leader, tag a student who should see this. That one tag could launch a career. #Cybersecurity #CampusAmbassador #StudentLeadership #CyberCareers @tejascybernet #InfoSec

Just released - An 𝗔𝗜 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗲 𝗣𝗿𝗮𝗰𝘁𝗶𝘁𝗶𝗼𝗻𝗲𝗿’𝘀 𝗣𝗹𝗮𝘆𝗯𝗼𝗼𝗸 from @Microsoft . This playbook is built from Microsoft’s operational experience running AI incident response at scale. The primary use case here is @Microsoft365 Copilot and @Azure AI Services but there are pointers on current state of AI investigation, covering the configuration, queries, and detection rules. For example there are queries like "Find agents with a configured MCP tool" or rules which alert on "AI agent ASCII smuggling detected". It is v1 so I am sure the future versions are only going to get better. microsoft.com/en-us/security… @msftsecresponse @MicrosoftAI @msftsecurity @MSFTnews

Don't sleep on interesting AI work being done at Apple. They just launched the 𝗧𝗵𝗶𝗿𝗱 𝗚𝗲𝗻𝗲𝗿𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝗔𝗽𝗽𝗹𝗲’𝘀 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻 𝗠𝗼𝗱𝗲𝗹𝘀 machinelearning.apple.com/

Privacy from your own Smart TV: What you need to know about ACR. Most consumers are unaware that their Smart TVs come with a built-in tracking technology enabled by default. It is known as 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗰 𝗖𝗼𝗻𝘁𝗲𝗻𝘁 𝗥𝗲𝗰𝗼𝗴𝗻𝗶𝘁𝗶𝗼𝗻 (𝗔𝗖𝗥), and its scope is incredibly broad. How ACR works: ACR technology actively captures small snapshots of your screen or samples of your audio. This information is converted into a unique digital footprint and transmitted to the manufacturer's servers. There, it is matched against a comprehensive database of live broadcasts, streaming content, and advertisements. What it means for your data: This allows companies to build a highly accurate profile of your media consumption. They track: *️⃣ Which apps you open *️⃣ Exactly what content you watch *️⃣ How much time you spend on specific channels or platforms *️⃣ Perhaps the most concerning aspect is that ACR is input-agnostic. It does not matter if you are watching a native Smart TV app like Netflix, playing a local file from a USB drive, or gaming on a console like a PS5. If the pixels are on the screen, the TV is processing them. Data privacy starts in the living room. It's worth taking a few minutes to dive into your TV's settings and toggle ACR off. Note - Many times ACR is buried in setup under a friendly label like "Viewing Information Services."

One of the bigger highlights from @Microsoft Build 2026 for me is 𝗠𝗫𝗖 or 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗘𝘅𝗲𝗰𝘂𝘁𝗶𝗼𝗻 𝗖𝗼𝗻𝘁𝗮𝗶𝗻𝗲𝗿𝘀 which form the policy layer, defining and instrumenting isolation and containment for agents while relying on native Windows operating system constructs to apply these policies. OpenClaw, NVIDIA OpenShell, Hermes are all now leveraging MXC MXC is a sandboxed code execution system for running untrusted code (model output, plugins, tools) on Windows, Linux, and macOS. MXC also supports multiple containment backends: ProcessContainer, Windows Sandbox, LXC, Bubblewrap, Seatbelt (macOS), MicroVM (NanVix), Hyperlight, IsolationSession, and WSLC github.com/microsoft/mxc blogs.windows.com/windowsdev…

🛡️ Heading to Redmond next week for the @Microsoft Applied AI Safety & Security Summit! I'm genuinely excited to be attending this summit and to go deep on the innovation Microsoft is driving around AI safety and security. 🤝 And before the summit, I'm hosting a Cyber Leaders Meetup with @tejascybernet on Monday, June 8th evening. If you're in the area, come connect with fellow security leaders and let's talk AI, security, and what's next. RSVP 👉 luma.com/tejas-hu26 #AISafety #AISecurity #Cybersecurity #AgenticAI #Microsoft #Tejas #CISO #AIGovernance

7 New AI Models from @Microsoft *️⃣ MAI-Thinking-1 *️⃣ MAI-Code-1-Flash *️⃣ MAI-Image-2.5 *️⃣ MAI-Transcribe-1.5 *️⃣ MAI-Voice-2 Read more about it here - microsoft.ai/news/building-a… @MicrosoftAI

Excited to share that I'll be speaking at an exclusive evening on the future of AI security. 🔐 What happens when cybersecurity leaders, AI innovators, and practitioners gather in one room? Emerging threats turn into actionable insights, conversations become partnerships, and challenges become opportunities to shape what's next. I'm honored to join a panel of industry leaders I deeply respect: 👤 Allison Johnson, Head of Customer & Executive Marketing at Okta, who leads global customer engagement and hosts Okta's Executive Exchange. 👤 Den Jones, Founder & CEO of 909Cyber, a Zero Trust pioneer with 35 years and former CSO roles at Banyan Security and SonicWall. 👤 Sangram Dash, CISO & VP of IT at Sisense, who has built bank-grade security programs across PayPal, Square, and SVB. Together we'll dig into securing intelligent systems and navigating the next generation of cyber risks. 📍 The Rooftop at Werqwise, San Francisco 📅 Wednesday, June 17, 2026 ⏰ 5:30 PM to 7:00 PM Great wine. Meaningful conversations. The next era of AI security. Register here: paperlesspost.com/go/G4vqBbW… #AISecurity #Cybersecurity #CISO #AI

The job situation is going to get only worse. A few pointers 1. IRL "In Real LIfe" is the theme this year. Meet as many folks "in person" as possible. They key word here when you ask to meet people, is to take the uncertainty out on who is paying. Use words like - "lunch is on me", "my treat" 2. Do as many micro favors as you can. Don't sleep without having helped someone 3. Get visible, increase the surface area of your luck by attracting opportunities. 4. Share information - this is kind of a micro favor, as you are building implicit trust and establishing your bonafides as a well wisher 5. Upskill - Set 2-3 hours of daily study time with no distractions. We are knowledge workers and no amount of soft skills are going to save us unless we upskill to gain hard skills and adapt to a changing world.

Catch security issues as Claude writes code. Official plugin from @AnthropicAI github.com/anthropics/claude… code.claude.com/docs/en/secu…

If you would like to disable @Google @GeminiApp from keeping a record of all your activities, this is the direct link to disable it. myactivity.google.com/produc… If you would like to keep the setting on, I would recommend changing the default "Auto-delete activity older than" to 3 months from the default 18 months.

A top-tier @MIT of Technology security course just hit YouTube. Free. All 19 lectures. 6.566: Computer Systems Security (Spring 2026), Prof. Nickolai Zeldovich, at @MIT_CSAIL Course Details: → AI agent security (the CaMeL approach) → Supply chain security with Russ Cox → TLS 1.3, WebAuthn, Signal, Tor → 5 hands-on labs YouTube Playlist - youtube.com/playlist?list=PL… #CyberSecurity #AISecurity #CISO #AppSec

Most MCP servers in production right now have no authentication. Yours might be one of them. So I'm running a 90 minutes hands-on session to fix exactly that. 🔧 𝗕𝘂𝗶𝗹𝗱, 𝗗𝗲𝗽𝗹𝗼𝘆 𝗮𝗻𝗱 𝗛𝗮𝗿𝗱𝗲𝗻 𝗮𝗻 𝗠𝗖𝗣 𝗦𝗲𝗿𝘃𝗲𝗿 𝗳𝗿𝗼𝗺 𝗦𝗰𝗿𝗮𝘁𝗰𝗵 This is not another "hello world" tutorial. You will build a working MCP server, then attack it and harden it yourself. We go straight into the controls that matter in production: → Authentication and token handling → Least-privilege tool scoping → Prompt-injection and tool-poisoning defenses → Secrets management, network and container hardening → Audit logging and CI/CD security gates You leave with a hardened reference server, a working threat model, and a checklist you can apply to any MCP deployment Monday morning. Built for security engineers, AI/platform engineers, DevSecOps practitioners, and security-minded developers. Also valuable for CISOs and leaders who want a grounded technical view of what MCP changes about their trust model. 🎟️ 𝗛𝗼𝘄 𝘁𝗼 𝗷𝗼𝗶𝗻: ✅ Free for Tejas Cyber Network Executive Members and Tejas Global Cyber Founders. Not a member yet? Two ways in: ▪️ For Practioners - Become a Tejas Cyber Network Executive Member: tejas-cyber-network.circle.s… Learn more: tejascybernetwork.com/ Membership benefits: docs.google.com/document/d/1… ▪️ For Cyber Founders - Join the Tejas Global Cyber Founders Network: tejas-cyber-network.circle.s… Learn more: tejascybernetwork.notion.sit… Everyone else can grab a ticket directly. This one is paid, but worth every minute. 💬 In transition or a student? Message me directly and I will send you a complimentary code. No one who wants to learn this gets left out. 📅 Register here: luma.com/tejas-505m #MCP #AISecurity #AgenticAI #Cybersecurity #DevSecOps #CISO #TejasCyberNetwork