. @mubix shared this on LinkedIn and thought some of you might find it useful: “A Practical Reprioritization Guide for CISOs Entering the AI Vulnerability Era”
linkedin.com/posts/mubix_th…
@moetocafe @lukOlejnik even then it appears ExpressVPN simply uses ML-KEM for harvest now decrypt later protection but hasn't integrated ML-DSA for signature validation (where the vulnerability in wolfSSL exists)
@lukOlejnik Only ExpressVPN seems to use wolfSSL by default. Some custom built systems too, but that's niche use.
Assigning it a score of 10.0 is wild and unrealistic.
Anthropic are making a lot of wild overstatements recently, sounds almost like a PR/marketing campaign.
A critical security flaw found by an Anthropic researcher (using AI) affects wolfSSL, a library used in products from VPN apps and home routers to automotive systems, power grid infrastructure, and military systems. CVE-2026-5194 could let a device or application accept a forged digital identity as genuine, trusting a malicious server, file, or connection it should have rejected. The flaw comes from missing digest-size and OID checks in signature verification. Red Hat rates it CVSSv3 10.0 (max; remotely exploitable, no privileges required, no user interaction needed). wolfSSL states its library is used on billions of devices.
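The "missing digest-size and OID checks" named in the post above describe a general class of verifier bug, so here is a constructed illustration of it. This Python is added for this page; it is not wolfSSL's code and does not reproduce the actual CVE code path. It assumes the public-key operation has already recovered an "OID || digest" encoding from the signature (the RSA or ML-DSA math is skipped), uses the standard id-sha256/384/512 OIDs, and contrasts a lax verifier that trusts the embedded OID and compares only as many digest bytes as were supplied with a strict one that binds both the OID and the digest length to the negotiated hash.

```python
import hashlib
import hmac

# DER-encoded OID elements for id-sha256, id-sha384, id-sha512.
# Standard values; the lookup tables themselves are part of this example,
# not wolfSSL's.
HASH_OIDS = {
    "sha256": bytes.fromhex("0609608648016503040201"),
    "sha384": bytes.fromhex("0609608648016503040202"),
    "sha512": bytes.fromhex("0609608648016503040203"),
}
HASH_LENS = {"sha256": 32, "sha384": 48, "sha512": 64}


def parse_digest_info(blob: bytes):
    """Split a constructed 'OID || digest' encoding into (hash name, digest).

    The encoding here is a simplification (raw DER OID element followed
    directly by the digest bytes) chosen for the example.
    """
    for name, oid in HASH_OIDS.items():
        if blob.startswith(oid):
            return name, blob[len(oid):]
    raise ValueError("unknown hash OID")


def verify_lax(blob: bytes, message: bytes, expected_hash: str) -> bool:
    """Vulnerable pattern: picks the hash from the OID inside the blob,
    never checks it against the negotiated algorithm, and compares only
    as many bytes as the blob happens to carry."""
    name, digest = parse_digest_info(blob)
    actual = hashlib.new(name, message).digest()
    return hmac.compare_digest(actual[: len(digest)], digest)


def verify_strict(blob: bytes, message: bytes, expected_hash: str) -> bool:
    """Hardened pattern: the OID must match the algorithm the caller expects
    and the digest must be exactly that algorithm's output length before
    anything is compared."""
    name, digest = parse_digest_info(blob)
    if name != expected_hash:
        return False  # algorithm substitution
    if len(digest) != HASH_LENS[expected_hash]:
        return False  # truncated or empty digest
    actual = hashlib.new(expected_hash, message).digest()
    return hmac.compare_digest(actual, digest)


def demo():
    """Constructed inputs showing what each check is for."""
    msg = b"constructed message"
    good = HASH_OIDS["sha256"] + hashlib.sha256(msg).digest()
    # Forgery 1: OID only, zero digest bytes. The lax comparison of two
    # empty strings succeeds for any message.
    empty = HASH_OIDS["sha256"]
    # Forgery 2: a 4-byte digest prefix; the lax check only needs those
    # bytes to match, so an attacker needs ~2^32 tries instead of 2^128.
    truncated = HASH_OIDS["sha256"] + hashlib.sha256(msg).digest()[:4]
    return {
        "good_strict": verify_strict(good, msg, "sha256"),
        "good_lax": verify_lax(good, msg, "sha256"),
        "empty_lax": verify_lax(empty, b"anything at all", "sha256"),
        "empty_strict": verify_strict(empty, b"anything at all", "sha256"),
        # Algorithm substitution: peer negotiated SHA-384 but blob says SHA-256.
        "subst_lax": verify_lax(good, msg, "sha384"),
        "subst_strict": verify_strict(good, msg, "sha384"),
        "trunc_lax": verify_lax(truncated, msg, "sha256"),
        "trunc_strict": verify_strict(truncated, msg, "sha256"),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of binding both fields to the caller's expectation rather than to whatever the signed blob claims is that the blob is attacker-controlled until the signature math has been checked; any decision made from its contents before then is a decision the attacker gets to make.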
@rohanamin @killchain @mikecloppert What you all pioneered was and will continue to be life changing for many, myself included. Thank you and congrats on 10 years!
10 years ago this month, Eric Hutchins (aka @killchain), @mikecloppert and I published a paper to share analytical tradecraft we had been using to defend networks against Advanced Persistent Threats - aka the “cyber kill chain”. bit.ly/killchain. (Thread)
I had an in-depth conversation with @rohanamin, CIO @jpmorgan in which we discussed topics such as just what the firm thinks about working with startups, its API strategies & its emphasis on accessibility. Read the full interview on @FinLedgerNews.
finledger.com/2021/01/22/a-g…
I continue to be amazed by our @Chase technology team! No matter the challenge, they continue to step up in amazing ways for our customers. Thank you! Thank you!
Eleven years ago today, near the bottom of the worst recession in generations, I signed the Recovery Act, paving the way for more than a decade of economic growth and the longest streak of job creation in American history.
From the GitHub Security Lab to the GitHub Advisory Database and everything in between—catch up on all the security updates covered in this morning's #GitHubUniverse keynote.
github.co/2OflHLw
@jpmorgan @Chase "It’s a shared responsibility model. We are designing it to our new standard of security. There has been a significant amount of innovation where we're working with brand new companies.” Lori Beer Global CIO @jpmorgan @Chase #CIOExchange
@CIOJournal @robertherjavec complexity and specialization will demand a new architecture for the security stack... a service oriented, system of systems will be cool again!