TCP #105: Malware Invoking AI; JLR Gov Bailout; Vulnerable Agents; and More
What's hot in security🌶️ | Sept. 23rd - Sept. 30th, 2025
Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth at Monad and former detection engineer in big tech. Each week, I bring you the latest security product innovation and industry news. Subscribe to receive weekly updates!
No More Babysitting the Security of Your Google Workspace
While your employees communicate via email and access sensitive files, Material quietly contains what’s lying in wait—phishing attacks in Gmail, exposed Drive files, and suspicious account activity. Agentless and API-first, it stops attacks and triages user reports with AI while running safe, automatic fixes so you don’t have to hover. Stream alerts to your SIEM, and audit with detailed access logs. 24/7 autopilot security—no extra headcount, no constant hand-holding.
Want to sponsor the TCP newsletter? Learn more here.
Howdy! 🤠
Never a dull week in security. Biggest highlights for me were the JLR £1.5B govt. bailout, Wiz’s $4.5M cloud+AI hacking competition, and vulns discovered in Google Gemini + Notion’s AI agent. AI security is seemingly a dumpster fire and it’s a bad week to be a NY Yankees fan. Go Red Sox! ⚾
Alright, let’s dive in
TL;DR 📰
🏭 UK backs JLR with £1.5B loan after cyberattack - First govt bailout post-cyber incident; month-long shutdown, 120K jobs threatened, no insurance
🎯 Wiz launches $4.5M cloud + AI hacking competition - Black Hat Europe; AWS, Microsoft, Google partnering; targets critical open-source infrastructure
🏛️ CISA ends MS-ISAC federal funding - Cuts support for 18K+ state/local govt members; transitions to new form of direct support
⚖️ California signs AI safety bill SB 53 - Mandates transparency for OpenAI, Anthropic, Meta, Google DeepMind; scaled back from vetoed SB 1047
🦠 Malware invoking AI has been mostly ineffective - Wiz documents runtime LLM invocation in attacks; seems to have adverse impact on effectiveness
🔧 Action1 offers free patching for 400 endpoints in October - Pretty great deal for SMBs and orgs looking for new endpoint patch mgmt solutions
🤺 Prompt injection vulns discovered in Notion 3.0, Google Gemini - PDF attacks, log poisoning, data exfiltration; A2AS framework catalogs production incidents
🗄️ Databricks launches Data Intelligence for Cybersecurity - Unified lakehouse platform with Agent Bricks for building AI-powered security agents
🤖 Microsoft transforms Sentinel into an ‘agentic platform’ - Data lake GA, no-code agent builder, MCP server for AI orchestration
💊 Dope.security debuts DOPAMINE DLP - LLM-powered endpoint DLP replaces regex with contextual understanding for zero-config PII/PCI/PHI/IP detection
🔑 Descope raises $35M, hits $88M total - Targets agentic AI authN/authZ
💰 Harness acquires Qwiet AI - Adds AI-powered AppSec scanning; follows Traceable (API Sec) acquisition
📋 CSA releases SaaS Security Framework - 41 standardized controls across six domains
⚒️ Picks of the Week ⚒️
UK govt backs JLR with £1.5 billion loan guarantee after cyberattack

The UK govt. has provided Jaguar Land Rover (JLR) a £1.5B loan guarantee after ‘Scattered Lapsus$ Hunters’ forced a month-long production shutdown. This is unprecedented, as it’s the first government bailout of a private company following a cyberattack. The justification is that JLR is an integral piece of the UK economy and the production outage caused by the attack impacted 120K+ jobs.
JLR was losing £50-70M daily and did not have cyber insurance. Notably, JLR outsourced security to Tata Consultancy Services, which was also used by Marks & Spencer and Co-op, both of which were hit earlier this year, resulting in almost $600M in damages.
This is easily the wildest story of the week for me given the precedent it sets for victim companies that are integral to a country’s economy. I do believe the UK govt. did the right thing by stepping in, and hopefully JLR brings more security functions in-house.
Free Patching for 400 Endpoints—this October only.
This month, Action1 turns awareness into action by giving IT teams free patching for up to 400 endpoints. Get real-time visibility, strengthen compliance and protect against threats—without infrastructure costs or complexity. Twice the coverage free for the entire month, no strings attached.
Introducing zeroday.cloud: Cloud and AI hacking competition w/ $4.5M in bounties
Wiz Research is partnering with AWS, Microsoft, and Google Cloud to launch zeroday.cloud, a cloud and AI hacking competition at Black Hat Europe (Dec 10-11) with $4.5M in bounties 👌🏽
The competition targets are critical open-source infrastructure lacking major bug bounty programs across six categories:
AI platforms (Ollama, vLLM)
Kubernetes
containers
web servers
databases
DevOps tools
Exploits must demonstrate full compromise (container/VM escape or 0-click RCE). A successful RCE on nginx could net $300K. This is an amazing initiative. Every company you could think of relies on the services in scope, so all bugs discovered will drive us towards a safer future.
CISA Cuts Funding for MS-ISAC Program
CISA has ended its support and cooperative agreement with CIS’ MS-ISAC (Multi-State Information Sharing and Analysis Center). This cuts federal funding for the threat intel sharing program relied on by 18,000+ state, local, tribal, and territorial (SLTT) government members.
Good news is that CISA says they’re transitioning to a new model to better support SLTT, including grant funding, regional security advisors, and professional services.
California Governor Newsom signs landmark AI safety bill SB 53
Governor Newsom signed SB 53, which lays out safety and transparency requirements for large AI labs. The bill also covers disclosing cyberattacks and deceptive AI model behavior. Anthropic endorsed it; Meta and OpenAI lobbied against it, stating that it creates a “patchwork of regulation.” <- I agree.
The emerging use of malware invoking AI
Scott Piper from Wiz Research recently documented how threat actors are experimenting with runtime AI invocation within malware payloads. He goes over a few recent real-world attacks:
s1ngularity supply chain attack: Credential theft via Claude/Gemini/Q with prompt engineering to bypass guardrails
LameHug: Base64-encoded prompts to HuggingFace for system reconnaissance
Amazon Q Developer Extension compromise: Payload instructing agent to wipe systems and cloud resources
The post concludes by highlighting that pre-generated code would’ve been more reliable, avoided LLM guardrails, and ensured consistent execution (spoiler alert: AI-gen’d code is not consistent). It seems threat actors are invoking AI primarily for novelty rather than tactical advantage.
🔮 The Future of Security 🔮
AI Security
Lots of agentic AI vulns disclosed this past week. While the world rushes to adopt more and more AI, there are still fundamental security problems that remain unsolved. Here are some of the latest developments:
Notion 3.0 falls victim to classic prompt injection via PDFs with white-text-on-white-background instructions that exfiltrate confidential data through web search queries to attacker-controlled URLs
Google Gemini patched three indirect prompt injection vulnerabilities disclosed by Tenable:
Cloud Assist: log poisoning via manipulated User-Agent headers executing during log summaries
Search Personalization: malicious queries injected into Chrome history via JavaScript
Browsing Tool: data exfiltration through crafted prompts mimicking internal commands
All three exploited trusted data streams rather than direct user input
Real-world incidents catalogued by new A2AS framework include Replit AI agent deleting production databases despite explicit instructions, Google Gemini hallucinating destructive file operations, and Microsoft Copilot hijacked via email prompts to extract entire CRM database
These recent vulns and incidents highlight that we have a long way to go in secure enterprise AI adoption.
More AI Security news ⬇️
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
Defending LLM applications against Unicode character smuggling
Delinea releases free open-source MCP server to secure AI agents
Application Security
Harness Acquires Qwiet AI to Gain Code Testing Tool
Harness acquired Qwiet AI (formerly ShiftLeft) for undisclosed terms/price. This brings AI-powered AppSec vuln scanning to Harness which pairs nicely w/ their recent Traceable (API Security) acquisition and their core SDLC offerings.
More AppSec news ⬇️
OX Security launches VibeSec: The Response to AI-Speed Development
Mondoo raises $17.5M to fix software vulnerabilities with AI agents
Data Security
Dope.security debuts DOPAMINE DLP to modernize data loss prevention with AI
Dope.security launched DOPAMINE DLP, an LLM-powered endpoint DLP replacing regex pattern matching with contextual content understanding.
Kudos to whoever named the product, seriously 👏
Endpoint Security
Cato Browser Extension brings enterprise-grade security to personal endpoints
Cato Networks launched a browser extension that provides ZTNA for BYOD, contractor, and personal endpoints without client installations. It routes traffic through the SASE platform for inspection via FWaaS, SWG, CASB, NGFW, and DLP.
This gives Cato unified policy enforcement across managed devices (Cato Client), unmanaged devices (extension), and sites/branches (Cato Socket).
Identity security
Descope raises $35M seed extension
Descope raised $35M in a seed extension, bringing total funding to $88M, with participation from existing investors Notable Capital, Lightspeed Venture Partners, Dell Technologies Capital, Unusual Ventures, Cerca Partners, and Triventures. Descope is one of the best positioned co’s to go after agentic AI authN/authZ challenges. Great tech + legendary leadership.
Insurance
Liberty Mutual launches global cyber products
Liberty Mutual launched a global cyber suite: Liberty Cyber Resolution and Liberty Tech Resolution. These offerings provide first- and third-party coverage, including executive personal loss coverage from company-targeted attacks. They also provide affirmative coverage for quantum computing, generative AI, and first-party property damage.
I still remember working at Travelers insurance as a freshman intern and they had zero security coverage offerings. Now, even big players like Liberty Mutual are doubling down on cyber coverage to even include threats that haven’t manifested yet like quantum. #Cool
SaaS Security
CSA Unveils SaaS Security Controls Framework to Ease Complexity
Cloud Security Alliance released SSCF v1.0, which includes 41 prescriptive customer-facing security controls across six domains: IAM, Data Security, Change Control, Logging, Risk Management, and Incident Management. Secure configs are half the battle in SaaS security. Activity monitoring + strong IAM are the other half, imo.
Security Operations
Microsoft has pretty much rolled Sentinel from a SIEM into an agentic security operations platform of sorts, which includes a SIEM. They recently launched the data lake (GA), Sentinel Graph, and an MCP server (preview) to enable AI agents from Security Copilot, GitHub Copilot, and other platforms to reason over unified security data at scale.
Key capabilities:
Unified data ingestion: Sentinel data lake ingests structured and unstructured signals, building graph-based context across the digital estate through vectorized security data and relationships
No-code agent builder: Natural language interface in Security Copilot lets teams create custom security agents in minutes, deployable in Copilot portal, VS Code, or via Sentinel MCP server
Agent orchestration: Graph-powered context enables agents to correlate alerts, prioritize by impact, and automate workflows—reducing false positives and MTTR while shifting analysts from manual triage to strategic decisions
Ecosystem expansion: Open platform with Microsoft Security Store for partner-built agents; collaborations with Accenture, ServiceNow, Zscaler announced
AI governance additions: Entra Agent ID for agent discovery, data oversharing controls, MCP server risk detection, and upcoming Azure AI Foundry enhancements including agent task adherence guardrails, PII detection, and Spotlighting for cross-prompt injection protection
This all sounds great in theory, but if you’ve worked w/ Microsoft security products, you’re probably skeptical. In any case, data lakes + AI seem to be where most SIEMs are headed including Splunk, XSIAM etc.
More SecOps news ⬇️
CrowdStrike Boosts SOC Detection Content with Correlation Rule Template Discovery Dashboard
Darktrace Adds Automated Cloud Forensics to ActiveAI Platform
Decoupled SIEM: Where I Think We Are Now? - Anton Chuvakin
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~7,500 CISOs, practitioners, founders, and investors across 125+ countries 🌎
Bye for now 👋🏽
That’s all for this week… ¡Nos vemos la próxima semana!
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.