Mike Leffer

Threat feeds dump 1000s of incidents on security teams every day. Most go unread, so we had to act. Introducing ahackaday.news: your free daily security digest that ranks the day for you, with live social signal on every brief.

A healthcare CISO this week told me he'd already built a lightweight version of our product on Claude. Called ours a sophisticated version of what he'd prototyped. The strongest buyers in any category are the ones who already tried to build it themselves.

14 deals closed. Most operators count closes. The real signal is how many got their date pushed a fourth time. Pipelines that never push are fiction. Ones that always push stopped being forecasts. Where does yours sit?

Today, we're proud to announce that we've partnered with @CrowdStrike and @swif_ai to offer EDR and MDM services, wired directly into Cantina's agentic security OS. cantina.review/cantina-cf44ca

This is the agentic AI security gap nobody is pricing in. Coding agents have production credentials and runtime authority but the controls around them are still policy docs and prompt rules. Runtime enforcement on what agents can actually execute is the missing layer. Rough timeline you wrote up, glad Railway got the data back.

@AnthropicAI can someone please respond to my BAA request submitted via sales form for our org. If you don't we'll be going with @OpenAI for our use case.

Woke up to an MSA countersigned overnight. Months in the making. Six hours later a $52K payment bounced back and sent finance scrambling. The wins and the fires come hand in hand.

We're looking to hire a Staff Security Product Engineer. You'll be working on frontier security products: Clarion (an autonomous security operations platform) and Apex (an autonomous bug hunter). Link below:

@liran_tal @Polymarket @cantinasecurity Happy to book a call. Have a calendar link?

@mikeleffer @Polymarket @cantinasecurity congrats! I didn't realize you also have a BB program too it would be nice to see a demo of AgentSight and how y'all are thinking about agent security

Excited to see @Polymarket launch their $5,000,000 bug bounty program on @cantinasecurity

The best diligence on whether your category is real isn't VC interest. It's a prospect on a sales call saying "tell me when you raise, I want in." A buyer asking for exposure beyond a purchase order is telling you something investors can't see yet.

@liran_tal Earned credit. Your earlier CVEs basically mapped the playbook for this class of issue. Eleven CVEs across major MCP clients all tracing to the same architectural assumption is the part defenders should sit with. That pattern does not get patched at the implementation layer.

oh hah, the RCE security vulnerability article for Anthropic MCP SDK from thehackernews (thehackernews.com/2026/04/anthro…) drops a mention to one of my earlier CVEs what a fun random moment :D

@byteakp @OpenHandsAI "Works as intended" is the signal the protocol was designed for a trust model that doesn't match production. Defenders can't wait for spec rewrites. Runtime visibility on what MCP servers actually do is the only control scaling faster than the vuln count.

Anthropic's MCP has a systemic RCE vulnerability 150M downloads 200K servers "works as intended" per Anthropic. I literally just patched a CVE in @OpenHandsAI one of the affected projects we are so cooked if engineers don't start treating agent security seriously

Got an inbound this week from a security exec at a Fortune 100 brand. No warm intro. Just booked through my scheduler. 18 months of posts and the win isn't a viral moment. It's one decision-maker reading the right line on the right day.

60-day free trial goes out with every design partner we sign. The math that makes it work: even if none convert, the product feedback is worth more than what 60 days of usage costs us. When they do convert, it's the easiest sales cycle we run all year.

@wallstengine The harder question is whether a one-shot frontier model risk assessment is rigorous enough for regulated environments. Most teams I talk to want continuous evidence collection, not a scorecard from last quarter.

$IBM unveiled new cybersecurity tools aimed at “agentic” AI attacks, including a frontier model risk assessment and a new Autonomous Security service built to automate vulnerability response at machine speed.

The real AI win this year has been dismissal, not just detection. A triage pipeline that drops noise before a human sees it beats any assistant doing the same work faster. Fewer eyeballs on things that didn't deserve attention.

Every morning I read an AI briefing pulling yesterday's Slack, emails, meeting notes, and calendar. 8 minutes to read. 2 hours to reconstruct by hand. Starting every day with context already loaded is its own kind of compounding advantage.

@albinowax @BlackHatEvents The novel-research bar is the one everyone handwaves past. If your AI is finding CVEs that humans didn't already queue up, that is the real test. Looking forward to the methodology.

I'm thrilled to announce "Can AI Do Novel Security Research? Meet the HTTP Terminator" will premiere at @BlackHatEvents #BHUSA! Check out the abstract:

3:31 AM DM from a teammate last night: "adding you to the call tomorrow at noon." 8 hours later I'm walking into a first meeting with an enterprise buyer I didn't know existed yesterday. That's what building through a pivot looks like when it's working. You show up and trust the team.