Tom Sweet

341 posts

@ThomasJSweet

Digital Global #Technology Leader, Engineering, IT #cloud, #DevOps, #automation, #CTO #leadership (My opinion only)

Dallas area · Joined January 2014
415 Following · 314 Followers
Pinned Tweet
Tom Sweet@ThomasJSweet·
According to @GoToMyPC support, their #Azure single sign-on does not support #phishing resistant MFA such as #FIDO keys or #WHfB. This makes me wonder about their own internal security.
Tom Sweet@ThomasJSweet·
@hnykda @tcrawford - build your own CRM they said, it will be easy they said, only 30 min they said. Maintenance is more than many think.
Daniel Hnyk@hnykda·
LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8 has been compromised; it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to a remote server + self-replicate. link below
Tom Sweet@ThomasJSweet·
@feross @tcrawford - when you talk SaaS replacement and maintenance, this is the type of thing that adds to internal costs. We had to stop everything and test our repos/apps for this. I am sure this is not the last time a component will be compromised.
Feross@feross·
🚨 Breaking: Trivy GitHub Actions supply chain attack – 75 out of 76 version tags compromised.

If your CI/CD pipelines reference “aquasecurity/trivy-action” by version tag, you’re likely running malware right now.

At Socket, we identified that an attacker force-pushed nearly every version tag in the official aquasecurity/trivy-action repository. That’s @0.0.1 all the way through @0.34.2. Over 10,000 GitHub workflow files reference this action.

The malicious payload runs silently before the legitimate Trivy scan, so nothing looks broken. Meanwhile it’s:
- Dumping runner process memory to extract secrets
- Harvesting SSH keys
- Exfiltrating AWS, GCP, and Azure credentials
- Stealing Kubernetes service account tokens

The only unaffected tag right now appears to be @0.35.0.

Socket independently detected this at 19:15 UTC and generated 182 threat feed entries tied to this campaign – all correctly classified as Backdoor, Infostealer, or Reconnaissance malware.

This is the second Trivy compromise this month. Earlier in March, attackers injected code into the Aqua Trivy VS Code extension on OpenVSX to abuse local AI coding agents.

The compromised tags are still active. Pin to @0.35.0 or use a SHA reference until this is fully remediated.

Full write-up: socket.dev/blog/trivy-und…
Reid Southen@Rahll·
Wait wait wait waaait a second.... He's saying he wants his $500,000 engineer to actually cost him $750,000 by using $250,000 worth of AI tokens. Wasn't AI supposed to make things cheaper, not cost 50% more?
TFTC@TFTC21

Jensen Huang: "If that $500,000 engineer did not consume at least $250,000 worth of tokens, I am going to be deeply alarmed. This is no different than a chip designer who says 'I'm just going to use paper and pencil. I don't think I'm going to need any CAD tools.'"

Tom Sweet@ThomasJSweet·
Gotta love cyber people on LinkedIn with big mouths that won't display their last name - real brave.
Jack Spirko⚡️@TheSurvivalPodc·
The AI-Driven Leader by Geoff Woods - Item of the Day thesurvivalpodcast.com/iotd-6-24-25 Are you using AI or are the companies behind AI using you? This book shows you how to use AI where you are always the "thought leader" vs. the passive way most people let AI control the conversation and hence the output. To survive the AI change you really need to read this book.
Tom Sweet@ThomasJSweet·
@tcrawford I remember a quote from "No Country for Old Men" - when Elias tells his brother, "you can't stop what's coming."
Tom Sweet retweeted
HalcyonAI@HalcyonAi·
🚨 LAST CALL! 🚨 Join the team behind the world’s first #Ransomware Operations Center for a live discussion on:
• Why ransomware broke the SOC model
• What attackers are doing now
• Real saves from the frontlines

TODAY @ 11 AM ET

Register now: bit.ly/4sIfjy9

#cybersecurity #ThreatIntel #webinar
Tom Sweet retweeted
HalcyonAI@HalcyonAi·
Most ransomware reports tell you what could happen. This one shows what actually did — straight from Halcyon’s Ransomware Operations Center (ROC).

Introducing our new monthly ROC STAR Report, built from real attacks stopped in live environments.

What we’re seeing:
• Attackers scaling with legit tools (RMM, remote access)
• Most threats stopped before foothold
• #EDR failing silently — no alerts, no signal

No theory. Just real-world #ransomware.

👉 Download the report: bit.ly/4bOfmmg

#ThreatIntel #cybersecurity
Tom Sweet@ThomasJSweet·
@AutismCapital waited 40 min for the live event to start, then moved on.
Autism Capital 🧩@AutismCapital·
🚨 NEW: Nvidia announces support for OpenClaw 🦞
Tom Sweet@ThomasJSweet·
@tcrawford I can see that - we downplayed the AI portion of RefrigAgent.
Tom Sweet@ThomasJSweet·
@tcrawford I think a lot will change in the next two months.
Tom Sweet@ThomasJSweet·
@tcrawford Assuming you could, keeping up with daily open-source updates/patches/vulnerabilities takes a lot of time. Ask me how I know. 😀😀
Tim Crawford@tcrawford·
Think you can just "vibe-code" a custom ERP with AI and ditch your SaaS contracts? Think again. 🛑 The hype says AI replaces SaaS; reality says replicating the complexity of a Salesforce or Workday is a monumental (and expensive) feat. Don't trade stability for hype: avoa.com/2026/03/06/is-… #CIO #Cloud #AI #EnSW
Tom Sweet@ThomasJSweet·
Got banned from @claudeai tonight for 'who knows why?' I had a personal API account with $5 on it and never got around to using it. I can't even log in to see what happened, if anything. Sure I can appeal it.
Tom Sweet@ThomasJSweet·
All these arm-chair quarterbacks discussing 'should haves' for #stryker - clear to me that none have actually managed an M365 tenant.
Tom Sweet@ThomasJSweet·
@honeymoon250 If she has a boyfriend or husband, many will blame him for the black eye that results.
Honey 🛼@honeymoon250·
Any advice to her?
Tom Sweet@ThomasJSweet·
It might just need an hour or two to sync up. It is starting to work now
Tom Sweet@ThomasJSweet·
I cannot get @claudeai #SSO to work with our "Team" license. The "test" from workos.com works, but then it never enables and activates our domain in the identity portion of the claude app. Any ideas? workos.com shows timeouts in their screen
Tom Sweet retweeted
Tech Layoff Tracker@TechLayoffLover·
Atlassian just confirmed 1,600 layoffs with 900+ coming from engineering

But I'm hearing the real story from inside

Sources say they've been running "knowledge extraction sprints" for 6 months - recording every senior engineer's screen, logging their prompts, documenting their debugging workflows

One architect told me they made him walk through his entire microservices decision tree while they filmed it. Called it "knowledge transfer for the transition team"

The transition team? 47 contractors in Bangalore with access to his recorded sessions and a Claude Enterprise subscription

Same architect just found out his replacement starts Monday. Guy makes $28k annually and ships code 40% faster using the exact prompt libraries they extracted

They're not just cutting headcount - they're systematizing 15 years of engineering expertise into training data

The "strategic AI focus" isn't about building AI products

It's about replacing their entire engineering culture with agents trained on their senior engineers' knowledge

Word is the CTO replacement already has the playbook: extract, document, offshore, automate

If you're still there and they ask you to "document your processes for the team" - RUN

The knowledge extraction is complete