@bert_hubert thanks for the writeup! I sincerely hope such a politically broad grouping can survive 
aristot73@infosec.exchange
Posts
-
Yesterday I attended the first Democratic Tech Alliance (DTA) Assembly over at the European Parliament.
-
"the [Microsoft] harness does the work, and the [other people's] model is one input."

"Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark"
By Taesoo Kim, Vice President, Agentic Security, Microsoft. 12 May 2026
Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH).
Microsoft Security Blog (www.microsoft.com)
-
Yesterday I attended the first Democratic Tech Alliance (DTA) Assembly over at the European Parliament.
@bert_hubert link (pdf) to the JRC report "Open but Not Powerless: Towards a Common Understanding of EU Digital Sovereignty"
https://publications.jrc.ec.europa.eu/repository/bitstream/JRC144908/JRC144908_01.pdf
-
When you hear people abandoning Open Source because of the AI exploit threat, ask them if we should keep our laws secret as well.
@buherator @icing so far I've come across two examples, one being the UK NHS. know of any others?
-
The scarce input to the vulnerability ecosystem was human attention. That input is no longer scarce.
The structures built on attention scarcity — pricing, disclosure norms, triage infrastructure, investment models — are breaking or bending.
The scarce input is now remediation capacity: the people, institutions, and processes that can turn a finding into a fix and get the fix deployed.
Every economic and policy question in this space should be re-read with that substitution in mind.
None of this requires haste or drama. It requires the steady, well-resourced execution of commitments governments have already made, and the discipline to resist both complacency and overreaction.
-
https://www.faz.net/premium/digitalwirtschaft/thomas-dullien-zu-anthropics-mythos-software-war-nie-auf-perfekte-sicherheit-ausgelegt-das-raecht-sich-accg-200822228.html
@HalvarFlake "The Wreckoning"
-
here we are
hope you brought a helmet
@Viss the "wreckoning"
-
I like the Register's headline: "Anthropic’s bug-hunting Mythos was greatest marketing stunt ever, says cURL creator"
@bagder "you're right to push back on that. let me rephrase..."

-
Automation or Innovation?
@meartur fully agree! There must be a measurable "return" to justify any, even negligible, investment.
The best source I could find on the attacker perspective on this issue was the paper below.
According to the paper, attackers will squeeze all the juice out of a working exploit before looking for a new one. Attackers will keep "harvesting" the same field (subset of software) as long as it remains fertile (I love analogies).
This was pre-LLM. We may have to wait for some empirical evidence... on modern farming practices.
Allodi, L., Massacci, F. and Williams, J. (2022), "The Work-Averse Cyberattacker Model: Theory and Evidence from Two Million Attack Signatures."
-
Dance like nobody's watching,
Code like every LLM is.
-
Automation or Innovation?
@meartur
-
Automation or Innovation?
Absorption or Containment?
"Does AI-assisted vulnerability discovery represent a categorical innovation in offensive cyber capability — a new class of finding previously unreachable by any combination of human and tool — or does it represent the automation and scaling of methods that already existed in the security-research repertoire?
The policy responses appropriate to each framing diverge sharply."
-
#Mythos finds a #curl vulnerability
@bagder spectacular result! Huge congratulations to the entire team! Made my day

-
Hot take: Stop designing your websites with AI—it makes them look like your company is a CIA front or shell company.
@fj I can neither confirm nor deny that I feel seen...

-
I'm sure @bagder is already typing the toot/blog post about the avalanche of Mythos findings in #curl.
-
I asked claude to check something. it did. I saved the result.
I upload the result - again to claude - for a second pass. Hit the guard rail.
2nd time today.
Have no idea what's going on

-
The 3 recent Linux LPEs are sort of interesting in that each one took a different path from discovery to disclosure.
-
RE: https://infosec.exchange/@cR0w/116534744285328166
as @spaf very eloquently said in his recent blog: "Until the production process changes, the cleanup never ends."
-
Excited to announce that the @EUCommission has updated its follow buttons on the website footer!
@hpod16 share buttons next

