Pink Extortion Group Emerges Targeting Microsoft 365 Data
A newly identified cyber operation dubbed "Pink" extortion is gaining attention among incident responders after security researchers uncovered a threat group using voice phishing, cloud data theft and aggressive extortion tactics to target organizations.
Pink Extortion Group Emerges Targeting Microsoft 365 Data
A newly identified cyber operation dubbed "Pink" extortion is gaining attention among incident responders after security researchers uncovered a threat group using voice phishing, cloud data theft and aggressive extortion tactics to target organizations.
Pink Extortion Group Emerges Targeting Microsoft 365 Data
A newly identified cyber operation dubbed "Pink" extortion is gaining attention among incident responders after security researchers uncovered a threat group using voice phishing, cloud data theft and aggressive extortion tactics to target organizations.
UN food agency discloses breach affecting 600,000 Gaza households
The United Nations' World Food Programme (WFP), the world's largest humanitarian organization, revealed over the weekend that its self-registration application (SRA) for Palestine was breached.
Attacco a Carnival: cosa sappiamo sull’incidente che ha esposto 6 milioni di persone
Carnival ha subito una grave violazione esponendo dati di quasi 6 milioni di persone. Vediamo come può essere stato possibile, partendo una una unica telefonata, ben congegnata per essere malevola
The AI-orchestrated cyberespionage campaign that Anthropic disclosed in late 2025 , the most agentic offensive operation publicly documented, required humans at four to six decision points per campaign. Deterministic work is where agents earn their keep The work agents do well has a few features in common. Each of those tasks has a deterministic core: there is a right answer, the answer can be checked against ground truth, and the failure modes are bounded. The bulk of what arrives in an alert queue does not require judgment. Putting humans on that work doesn't make the work better. Ambiguous judgment is where humans stay irreplaceable The other layer is harder to describe because it is not a list of tasks. It is a property of certain decisions: they require judgment under ambiguity, with material consequences, on incomplete evidence. The right answer depends on context the model does not have access to: the user's recent project history, the company's quarterly close calendar, what the security team negotiated with that engineering manager last month, whether the org is in a sensitive contract renewal that would change the cost of a wrong call. The decision is not "is this malicious" but "what is the right next step given what we know and what we don't." Models hallucinate confidently in this space. When a model encounters ambiguity, it tends to produce a confident-sounding answer that pattern-matches to its training distribution rather than to the specific situation in front of it. Humans handle this layer not because humans are smarter than models in some general sense. Humans handle it because the calculus on ambiguous decisions involves stakes, context, and accountability that the model has no exposure to. The naive answer is "the agent handles tier-1, the human handles tier-3, tier-2 is the handoff." That description is roughly right but undersells what good handoff design actually requires. Over time, the model gets better at routing the same shape of case to the human earlier, and the false-positive surface narrows. Without it, the agent layer drifts and the human layer gets noisier over time. Every model verdict and every human decision is logged in a way that lets a third party reconstruct what happened and why. Is the decision deterministic, or does it require judgment under ambiguity? Is there context outside the alert data that materially affects the right answer? Processes that involve ambiguous judgment, asymmetric cost-of-error, or external context belong to humans. The right boundary is rarely "fully autonomous" or "fully manual." It is usually "agent processes the case to a specific point, hands to a human at the decision moment, human approves or modifies, system logs the decision." That design discipline, process by process, decision by decision, is the part that takes the longest and pays the most. The right question is "what kind of decision is this, and where should it live?" The answer comes out the same way every time. Deterministic work runs better on machines. Ambiguous judgment runs better through humans. The category does not yet have a clean answer for the second layer, and pretending it does is what produced the false dichotomy between "AI replaces analysts" and "AI is dangerous." Neither is right.
The AI-orchestrated cyberespionage campaign that Anthropic disclosed in late 2025 , the most agentic offensive operation publicly documented, required humans at four to six decision points per campaign. Deterministic work is where agents earn their keep The work agents do well has a few features in common. Each of those tasks has a deterministic core: there is a right answer, the answer can be checked against ground truth, and the failure modes are bounded. The bulk of what arrives in an alert queue does not require judgment. Putting humans on that work doesn't make the work better. Ambiguous judgment is where humans stay irreplaceable The other layer is harder to describe because it is not a list of tasks. It is a property of certain decisions: they require judgment under ambiguity, with material consequences, on incomplete evidence. The right answer depends on context the model does not have access to: the user's recent project history, the company's quarterly close calendar, what the security team negotiated with that engineering manager last month, whether the org is in a sensitive contract renewal that would change the cost of a wrong call. The decision is not "is this malicious" but "what is the right next step given what we know and what we don't." Models hallucinate confidently in this space. When a model encounters ambiguity, it tends to produce a confident-sounding answer that pattern-matches to its training distribution rather than to the specific situation in front of it. Humans handle this layer not because humans are smarter than models in some general sense. Humans handle it because the calculus on ambiguous decisions involves stakes, context, and accountability that the model has no exposure to. The naive answer is "the agent handles tier-1, the human handles tier-3, tier-2 is the handoff." That description is roughly right but undersells what good handoff design actually requires. Over time, the model gets better at routing the same shape of case to the human earlier, and the false-positive surface narrows. Without it, the agent layer drifts and the human layer gets noisier over time. Every model verdict and every human decision is logged in a way that lets a third party reconstruct what happened and why. Is the decision deterministic, or does it require judgment under ambiguity? Is there context outside the alert data that materially affects the right answer? Processes that involve ambiguous judgment, asymmetric cost-of-error, or external context belong to humans. The right boundary is rarely "fully autonomous" or "fully manual." It is usually "agent processes the case to a specific point, hands to a human at the decision moment, human approves or modifies, system logs the decision." That design discipline, process by process, decision by decision, is the part that takes the longest and pays the most. The right question is "what kind of decision is this, and where should it live?" The answer comes out the same way every time. Deterministic work runs better on machines. Ambiguous judgment runs better through humans. The category does not yet have a clean answer for the second layer, and pretending it does is what produced the false dichotomy between "AI replaces analysts" and "AI is dangerous." Neither is right.
Campagna LLMShare: come il malvertising abusa di ChatGPT e Claude
Una nuova campagna di malvertising denominata LLMShare conferma che i criminali informatici hanno smesso di fare affidamento esclusivamente sulle classiche campagne di phishing via e-mail preferendo sfruttare l’autorità e la reputazione incontaminata dei domini ufficiali di OpenAI e Anthropic. Ecco tutti i dettagli e come difendersi
Crisis Management: piani di comunicazione post-breach
Dopo un data breach o un attacco ransomware, la percezione pubblica dell’evento può influenzare reputazione, fiducia e continuità operativa quanto il danno tecnico stesso. Ecco perché, nel corso di una crisis management, la comunicazione è parte della difesa
Campagna LLMShare: come il malvertising abusa di ChatGPT e Claude
Una nuova campagna di malvertising denominata LLMShare conferma che i criminali informatici hanno smesso di fare affidamento esclusivamente sulle classiche campagne di phishing via e-mail preferendo sfruttare l’autorità e la reputazione incontaminata dei domini ufficiali di OpenAI e Anthropic. Ecco tutti i dettagli e come difendersi
Crisis Management: piani di comunicazione post-breach
Dopo un data breach o un attacco ransomware, la percezione pubblica dell’evento può influenzare reputazione, fiducia e continuità operativa quanto il danno tecnico stesso. Ecco perché, nel corso di una crisis management, la comunicazione è parte della difesa
The AI-orchestrated cyberespionage campaign that Anthropic disclosed in late 2025 , the most agentic offensive operation publicly documented, required humans at four to six decision points per campaign. Deterministic work is where agents earn their keep The work agents do well has a few features in common. Each of those tasks has a deterministic core: there is a right answer, the answer can be checked against ground truth, and the failure modes are bounded. The bulk of what arrives in an alert queue does not require judgment. Putting humans on that work doesn't make the work better. Ambiguous judgment is where humans stay irreplaceable The other layer is harder to describe because it is not a list of tasks. It is a property of certain decisions: they require judgment under ambiguity, with material consequences, on incomplete evidence. The right answer depends on context the model does not have access to: the user's recent project history, the company's quarterly close calendar, what the security team negotiated with that engineering manager last month, whether the org is in a sensitive contract renewal that would change the cost of a wrong call. The decision is not "is this malicious" but "what is the right next step given what we know and what we don't." Models hallucinate confidently in this space. When a model encounters ambiguity, it tends to produce a confident-sounding answer that pattern-matches to its training distribution rather than to the specific situation in front of it. Humans handle this layer not because humans are smarter than models in some general sense. Humans handle it because the calculus on ambiguous decisions involves stakes, context, and accountability that the model has no exposure to. The naive answer is "the agent handles tier-1, the human handles tier-3, tier-2 is the handoff." That description is roughly right but undersells what good handoff design actually requires. Over time, the model gets better at routing the same shape of case to the human earlier, and the false-positive surface narrows. Without it, the agent layer drifts and the human layer gets noisier over time. Every model verdict and every human decision is logged in a way that lets a third party reconstruct what happened and why. Is the decision deterministic, or does it require judgment under ambiguity? Is there context outside the alert data that materially affects the right answer? Processes that involve ambiguous judgment, asymmetric cost-of-error, or external context belong to humans. The right boundary is rarely "fully autonomous" or "fully manual." It is usually "agent processes the case to a specific point, hands to a human at the decision moment, human approves or modifies, system logs the decision." That design discipline, process by process, decision by decision, is the part that takes the longest and pays the most. The right question is "what kind of decision is this, and where should it live?" The answer comes out the same way every time. Deterministic work runs better on machines. Ambiguous judgment runs better through humans. The category does not yet have a clean answer for the second layer, and pretending it does is what produced the false dichotomy between "AI replaces analysts" and "AI is dangerous." Neither is right.
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutorial reveals about modern attacker workflows.
Microsoft blames unexpected Windows driver updates on caching issue
On Wednesday, Microsoft fixed an issue that caused some Windows devices to install driver updates without notice despite policies configured to prevent auto-updates.
Police dismantles fake ID marketplace used by migrant smugglers
French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union.
In May 2026, malicious code appeared inside packages used across NHS software projects. The software supply chain attack named Mini Shai-hulud by researchers
Tony Giandomenico, Senior Director of Product Management, joins Amy to discuss the Talos Threat Hunting launch what he's excited about for the future of cybersecurity, and, of course, his Ironman triathlons.
Tony Giandomenico, Senior Director of Product Management, joins Amy to discuss the Talos Threat Hunting launch what he's excited about for the future of cybersecurity, and, of course, his Ironman triathlons.