Christopher Glyer

3.8K posts

@cglyer

Microsoft Threat Intelligence Center - Former Incident Responder & Chief Security Architect @Mandiant

Joined July 2009
161 Following, 23.8K Followers
Pinned Tweet
Christopher Glyer @cglyer
I caught the incident response bug over a decade ago while working @Mandiant. One of the things I love working @MsftSecIntel is the feeling of doing IR at hyper scale & helping solve some of the hardest problems. I may not be as vocal these days - but love having impact in ways you may not realize
Christopher Glyer retweeted
AI Security Institute @AISecurityInst
We conducted cyber evaluations of Claude Mythos Preview and found that it is the first model to complete an AISI cyber range end-to-end. 🧵
Christopher Glyer retweeted
Andrej Karpathy @karpathy
Judging by my tl there is a growing gap in understanding of AI capability.

The first issue I think is around recency and tier of use. I think a lot of people tried the free tier of ChatGPT somewhere last year and allowed it to inform their views on AI a little too much. This is a group of reactions laughing at various quirks of the models, hallucinations, etc. Yes I also saw the viral videos of OpenAI's Advanced Voice mode fumbling simple queries like "should I drive or walk to the carwash". The thing is that these free and old/deprecated models don't reflect the capability in the latest round of state of the art agentic models of this year, especially OpenAI Codex and Claude Code.

But that brings me to the second issue. Even if people paid $200/month to use the state of the art models, a lot of the capabilities are relatively "peaky" in highly technical areas. Typical queries around search, writing, advice, etc. are *not* the domain that has made the most noticeable and dramatic strides in capability. Partly, this is due to the technical details of reinforcement learning and its use of verifiable rewards. But partly, it's also because these use cases are not sufficiently prioritized by the companies in their hillclimbing because they don't lead to as much $$$ value. The goldmines are elsewhere, and the focus comes along.

So that brings me to the second group of people, who *both* 1) pay for and use the state of the art frontier agentic models (OpenAI Codex / Claude Code) and 2) do so professionally in technical domains like programming, math and research. This group of people is subject to the highest amount of "AI Psychosis" because the recent improvements in these domains as of this year have been nothing short of staggering. When you hand a computer terminal to one of these models, you can now watch them melt programming problems that you'd normally expect to take days/weeks of work.

It's this second group of people that assigns a much greater gravity to the capabilities, their slope, and various cyber-related repercussions.

TLDR the people in these two groups are speaking past each other. It really is simultaneously the case that OpenAI's free and I think slightly orphaned (?) "Advanced Voice Mode" will fumble the dumbest questions in your Instagram's reels and *at the same time*, OpenAI's highest-tier and paid Codex model will go off for 1 hour to coherently restructure an entire code base, or find and exploit vulnerabilities in computer systems. This part really works and has made dramatic strides because of 2 properties: 1) these domains offer explicit reward functions that are verifiable meaning they are easily amenable to reinforcement learning training (e.g. unit tests passed yes or no, in contrast to writing, which is much harder to explicitly judge), but also 2) they are a lot more valuable in b2b settings, meaning that the biggest fraction of the team is focused on improving them. So here we are.

staysaasy @staysaasy

The degree to which you are awed by AI is perfectly correlated with how much you use AI to code.

Christopher Glyer retweeted
Austin Larsen @AustinLarsen_
The #axios maintainer just confirmed #UNC1069 🇰🇵 used the same playbook we documented in February. Cloned a founder's identity. Built a convincing Slack workspace. Scheduled a call. Fake "update" deployed WAVESHAPER.V2. npm creds stolen. Trojanized axios update pushed.
Christopher Glyer retweeted
Microsoft Threat Intelligence @MsftSecIntel
Microsoft Threat Intelligence has attributed the Axios npm supply chain attack to North Korean state actor Sapphire Sleet. Malicious npm packages for updated versions of Axios (1.14.1 and 0.30.4) downloaded payloads from command and control attributed to Sapphire Sleet. msft.it/6018QLPF6

Organizations affected by this attack are urged to roll back to safe versions (1.14.0 or 0.30.3 or earlier), rotate secrets and credentials that are exposed to compromised systems, and disable auto-updates.

Our latest blog has our analysis of the attack, additional mitigation recommendations, and Microsoft Defender detection and hunting guidance:
Christopher Glyer retweeted
Moritz @m_r_tz
The FLARE team now freely distributes its quality reverse engineering and malware analysis educational content at github.com/mandiant/flare…. Launched with:
- Malware Analysis Crash Course
- Go Reversing Reference
- Intro to TTD
Christopher Glyer @cglyer
“Only you can prevent cybercrime”
SLEUTHCON: June 5th
CFP closes: April 17
Christopher Glyer retweeted
SLEUTHCON @SLEUTHCON
SLEUTHCON 2026 is coming! 🐍🐻🌲 Registration is open and our CFP is live! We're back on June 5th, in-person in Arlington, VA and virtually. CFP closes April 17th + tickets will sell out! sleuthcon.com #SLEUTHCON #SLEUTHCON2026 #Cybercrime
Christopher Glyer retweeted
John Lambert @JohnLaTwC
We have published the code to do Lift, Fold, Enrich, and Render so you can get started applying this to your logs. 📖gist.github.com/ddamenova/4369…
Christopher Glyer retweeted
John Lambert @JohnLaTwC
Nouns, adjectives, and verbs are all you need to “see” a graph inside your log data. Nouns are nodes, adjectives are properties, and verbs are edges. How does this relate to KQL and the lift operator?
Christopher Glyer retweeted
The Kobeissi Letter @KobeissiLetter
BREAKING: The US Securities and Exchange Commission is preparing a proposal to eliminate the requirement to report earnings quarterly and instead give companies the option to share results twice a year. The proposal is expected to be published as soon as next month.
Christopher Glyer retweeted
Daniel Bradley @DanielatOCN
Microsoft have finally patched another tenant domain enumeration loophole > ourcloudnetwork.com/microsoft-quie… Since Microsoft Patched the Get-FederationInformation endpoint from enumerating tenant domains, researchers and services like my TenantDomainFinder have been using a legacy ACS endpoint to enumerate all tenant domains. However, it looks like from today, Microsoft have quietly patched this exploit! #Entra #Microsoft #OSINT
Christopher Glyer retweeted
Devon Kerr @_devonkerr_
After 8+ years between @EndgameInc and @elastic, my tenure is coming to an end. I couldn’t be more proud of what we achieved with @elasticseclabs, enabling more than 50 researchers to share their knowledge and experiences; many for the first time. Thanks, team. More soon.
Christopher Glyer retweeted
Kim Zetter @KimZetter
US medical device maker Stryker hit with cyberattack from Iranian hacktivists who remotely wiped employee devices. "many employees have had their device data wiped and cannot access their accounts" Stryker makes surgical/imaging equipment, defibrillators corkbeo.ie/news/local-new…
Christopher Glyer retweeted
Phil Venables @philvenables
Armadin, Kevin Mandia’s new company, funded by Ballistic Ventures has officially launched. AI for cyber enters a new era. ballisticventures.com/armadin/
Christopher Glyer retweeted
Tom Hegel @TomHegel
Coruna iOS Exploit kit is one of those stories where the more you dig the weirder it gets. I love it.. Started as surveillance vendor tooling, ended up in mass Chinese crypto scams, and this week someone registered Iran war-themed dropper domains. Full timeline thread. 🧵
Christopher Glyer retweeted
Simon Kuestenmacher @simongerman600
Awesome bit of data that makes intuitive sense. “Finland cut VAT on haircuts in 2007 to see if cheaper prices would boost demand and jobs. But when the tax fell by €4, many salons lowered prices by only €2 and kept the rest as profit. When VAT rose again, prices jumped by the full €4, turning a temporary tax cut into a permanent price hike. It’s tax incidence in action: firms with pricing power pass on cuts partly, and hikes fully.” Source: buff.ly/9vkSfvn
Christopher Glyer retweeted
Trail of Bits @trailofbits
mquire extracts type data (BTF) and symbol addresses (Kallsyms) directly from the kernel in memory. Works on any distro, any kernel version, with zero preparation. Now open source. blog.trailofbits.com/2026/02/25/mqu…
Christopher Glyer retweeted
Guido van Rossum @gvanrossum
I've just released a new version of typeagent, a Python library I've been working on since mid last year --more and more using Claude-- that implements memory for agents. Not originally my idea, I mostly ported the TypeScript version by Steve Lucco and Umesh Madan. This release was improved a lot by Bernhard Merkle. To install, use "pip install typeagent". Changelog: github.com/microsoft/type…