Welcome to The Cybersecurity Pulse (TCP)! I’m Darwin Salazar, Head of Growth at Monad and former detection engineer at Datadog. Each week, I bring you the latest security innovation and industry news. Subscribe to receive weekly updates! 📧

Subscribe now

Share

Hi 👋 - Hope you’re having a great week wherever you’re reading from!

The past 7 days have felt like 582 days lumped into a single week, on all accounts. On the personal front, I shipped Pt. II of my OpenAI Codex Logs detection series and Monad won 2 Latio awards for user reliability and being a data pipeline leader. A true testament of how much the team has been cooking and what’s to come :)

I’ve been working a fair bit on AI tooling visibility and will share what I’ve come across so far soon so stay tuned on that front. For now, the Monad blog has the most recent updates.

Aside from that, more Mythos news of course, loads of funding (you’d think Blackhat is next week), and Opus 4.8 finds a very expensive bug.

TL;DR ✏️

• 🤷🏽‍♂️ Claude Opus found a bug causing $3B wipeout in Zcash — A public model surfaced a 4-year-old Orchard flaw in 24 hours; ZEC cap got cut in half.

• 🪶 Anthropic ships Claude Fable 5 — First public Mythos-class model, gated by a classifier layer a state-level team already cracked.

• 🔮 Salesforce’s triage agent hits 95% — SATA matches analysts on triage across 80,000 employees, if you have Salesforce’s budget.

• 🎥 fwd:cloudsec 2026 talks are live — All 38 sessions free on YouTube, heavy on agentic and neocloud risk.

• 📈 Cyera $600M round at $12B valuation — Led by Evolution Equity; valuation doubled since January. 7th major funding announcement.. Series G?

• 🥷 NinjaOne lands $400M+ secondary — Profitable, $500M ARR, and shopping for partners, not runway.

• 📊 Datadog drops 100+ features at DASH — AI Guard targets prompt injection; Agent Console monitors Claude Code, Cursor, Copilot.

• 🔑 Opal raises $23M for AI-native identity — Governs access for humans, service accounts, and agents; five senior hires alongside.

Plus: Kramer and Kurtz pile into the same Series A, AI-native identity keeps pulling checks, and an agentic vuln remediation continues its streak.

Your Agents Just Got Interactive

New from BlinkOps: interactive agents. Over a year ago we shipped the first natural language agent builder in security, where you set an agent's role, guardrails on how it reasons, limits on what it can do, plus its abilities and knowledge. Now those same agents are interactive.

Open a standalone chat and put one to work, ask questions, run an investigation, act on your policy, no workflow required. The agentic layer for SecOps just got hands-on.

See it in action

⚒️ Picks of the Week ⚒️

Claude Opus 4.8 Found a Zcash Bug That Wiped $3B in Market Cap

More than $3 billion in Zcash market cap vanished after a researcher pointed Claude Opus 4.8 at the Orchard shielded pool and found a critical flaw inside 24 hours. ZEC ran to a $624 peak on June 4 as the market read the emergency fix as bullish, then cratered to the low $300s the next day, cutting the cap in half. Arthur Hayes dumped his entire position on the way down.

Taylor Hornby, hired by the Zcash team to hunt exactly this, used the model the day after Opus 4.8 shipped and surfaced a bug that had been live since Orchard launched in May 2022. A validation check that looked like it was enforcing the rules wasn’t, so an attacker could feed false inputs and double-spend inside the shielded pool while the zero-knowledge proof system signed off as legitimate 🤯

The wild part is the because Orchard is a privacy pool, there is no cryptographic way to determine whether the bug was exploited at any point in those four years. The team’s assessment is that exploitation was unlikely, but they’re explicitly telling users not to rely on that, and are pursuing a network upgrade called “turnstile accounting” that forces every Orchard coin through a verifiable checkpoint to expose any counterfeit supply.

Between DPRK having stolen $7B+ in crypto and security kerfuffles like this in privacy/security-oriented coins, I truly don’t see cryptocurrency picking steam back up. The trust is gone and then there’s the looming threat of

Dig Deeper: Shielded Labs disclosure thread | Yahoo Finance on the undetectability problem

Anthropic Brings Mythos to the Masses With Claude Fable

Anthropic shipped Claude Fable 5, the first public model in the Mythos family, the one they sat on in April because it was “too good at finding bugs”. The whole release hinges on a safeguard layer, so that’s where the attention belongs. Also uses 2x the tokens as Opus 4.8 so use carefully.

Fable 5 runs separate AI classifiers in front of the model. Trip one on cybersecurity, biology and chemistry, or distillation and the request gets handed to Claude Opus 4.8 instead. The cyber net is widest, covering the full agentic kill chain (recon, lateral movement, exploit-gen), and Anthropic says it stops Fable from making any progress on offensive tasks. Over 95% of sessions never hit a fallback; bio and chem are tuned hardest and mostly punt to Opus for now.

We just watched a public Opus model find a four-year-old Zcash flaw in 24 hours. The capability is proven. The guardrail is two months old and a state-level team already found a seam. Bet accordingly.

Dig Deeper: Anthropic’s announcement | TechCrunch

Salesforce Built an AI Agent That Triages Security Alerts at 95% Analyst Agreement

Salesforce dropped an autonomous triage agent, SATA (Security Alerts Triage Agent), into production across 80,000 employees and is claiming ~95% agreement with human analysts.

Triage context is scattered across the case system, the log platform, and the runbook tooling stitched across it, and the logs are too fat to shovel into a model’s context without timing out. Salesforce had the agent call SOAR workflows to fetch only the slice each decision needs, ran multiple agents over the same case, and let a confidence score kick the inconclusive ones back to humans.

Salesforce is about as well-instrumented as a security org gets. $140B+ market cap, compute to burn, and an in-house agent platform in Agentforce their security teams already lean on hard, one of those agents has reportedly chewed through 44,000+ prompts and clawed back 3,000+ analyst hours. SATA is the autonomous-triage extension of a muscle they’ve built for two years.

Great write-up on what it takes to roll your own triage agent that is actually good.

fwd:cloudsec North America 2026 Talks Are Live on YouTube

All 38 talks from fwd:cloudsec North America 2026 are up on YouTube, free. This is the one cloud security con that isn’t a vendor pitch deck in disguise: independent, community-run, attack and defense research with the honest discussion of where security features actually fall short. This year’s theme leaned hard into agentic and neocloud risk. As a taste, Upwind’s Dan Gansel demoed C2 through an AWS data perimeter via Bedrock-AgentCore, abusing trusted AI services to slip past perimeter controls, plus the CloudTrail signals to catch it. Block out a weekend. This is the highest signal-to-noise content in the space right now.

Fun fact: I presented at fwd:cloud in 2022 on leveraging Azure Resource Graph for good and for evil 😈.. Easily in my top 3 of conferences.

Cyera Raises $600M at $12B Valuation

Cyera closed a $600M round at a $12B valuation, led by Evolution Equity Partners with participation from Cyberstarts, Temasek, and all existing investors including Accel, Blackstone, and Coatue.

That’s $2.3B raised total, with the valuation doubling since January’s $400M round at $9B and quadrupling over two years. The pitch has evolved from DSPM into an AI trust layer: this year’s AI Guardian launch positions Cyera as the control plane for what AI agents can see and touch across enterprise data.

Five months between mega-rounds at a 33% valuation bump is less about needing capital and I’d imagine for more acquisitions, GTM, and capitalizing on good raising conditions.

🔮 The Future of Security 🔮

AI Security

Datadog Launches 100+ Features at DASH, Leans Into Agent Security

Datadog unveiled more than 100 capabilities at DASH, its annual conference and the company’s biggest product moment of the year. The headline is Bits AI expanding from root cause analysis into autonomous detection, investigation, and remediation under predefined guardrails.

The security drops:

• AI Guard: blocks prompt injection and agent poisoning by pairing agent telemetry tracing with behavioral anomaly analysis, catching what single prompt-and-response checks miss

• Agent Console: centralized monitoring for AI agents and agentic dev tools, including Claude Code, Cursor, and GitHub Copilot

• Bits Detection and Agent Evals: always-on infrastructure scanning plus debugging and fix generation for AI agents

Datadog is my former employer so it’s super good to see them keep pounding the momentum. The observability data was always the moat, and pointing it at agent security is the right move.

More AI Security News

• Zscaler launches AI Broker and Endpoint AI Security for agents

• Snowflake and 1Password tackle the growing challenge of securing AI agents at scale

• OpenAI Unveils ChatGPT Account Security Controls

Cloud Security

Aryon Security Raises $25M Series A

Aryon raised a $25M Series A led by Brightmind Partners and Shlomo Kramer’s Skinos Ventures, with Datadog Ventures and CrowdStrike CEO George Kurtz participating; total funding hits $38M since late 2024.

The founders came out of Matzov, the IDF’s cyber defense unit, and built the company on lessons from securing Project Nimbus. Kramer and Kurtz on the same cap table is a strong signal for a 44-person company.

Endpoint Management

NinjaOne Secures $400M+ in Secondary Funding

NinjaOne raised over $400M in secondary funding, the second extension of its 2024 Series C, with CapitalG, Sequoia, and ICONIQ participating. The company says it crossed $500M ARR in 2025, turned profitable last quarter, and self-reports nearly 40,000 customer organizations. President Chris Matarese was blunt that the raise wasn’t about capital: “we used this round as an opportunity to pick the best possible partners.” A profitable endpoint management player taking secondaries at this size reads like pre-IPO positioning, not runway

Identity Security

Opal Security Raises $23 Million for AI-Native Identity Governance

Opal Security raised $23 million led by Greylock and Battery Ventures, bringing total funding to $59 million. The company governs access for employees, service accounts, and AI agents: just-in-time access by default, risk-based revocation, policy-as-code enforced across cloud, SaaS, and on-prem.

Opal also announced five senior hires in one shot, including a new CPO and CTO. A leadership overhaul of that size alongside fresh capital reads like a relaunch around agent identity, the lane every IGA vendor is now racing toward.

More Identity Security News

• Offroad launches with $7M to automate identity security with AI agents

• CrowdStrike and Zscaler Bring Continuous Identity to Zero Trust Access

Offensive Security

A Security Raises $37 Million for Autonomous Offensive Security Platform

A Security left stealth with $37 million to fight AI-driven attackers with AI of its own. The platform runs offensive and defensive agents continuously, chains vulns into real cross-domain exploit paths, proves exploitability through scoped execution with audit trails, then remediates at the source. Founders Yossi Torati (ex-Sygnia), Omer Gull, and Yuval Itzchakov (both ex-Hunters) pulled in Lightspeed, Cyberstarts, and angel checks from Wiz CEO Assaf Rapaport and Cyera CEO Yotam Segev.

AI-assisted OffSec is a crowded, well-capitalized field. Armadin, Kevin Mandia’s new outfit, took $189.9M in March, the largest early-stage raise in cybersecurity history. XBOW has raised north of $270M at a $1B+ valuation. Horizon3.ai sits near $186M and already powers the NSA’s autonomous pentest program. MindFort, ADCL, and a dozen more pitch the same “AI red-teamer that never sleeps” line.

It’s a long road ahead for this domain and everyone competing in it.

Vulnerability Management

Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation

Emphere raised a $2.1 million pre-seed from AI2 Incubator and Outsiders Fund to automate vuln remediation. The platform maps the software dependency graph to determine what is actually exploitable, then executes, validates, and ships patches without breaking downstream builds.

Interested in sponsoring TCP?

Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of 20,000+ CISOs, practitioners, founders, and investors across 135+ countries 🌎

👉 Learn more here!

Bye for now 👋🏽

That’s all for this week… ¡Nos vemos la próxima semana!