TCP #106: Anthropic and OpenAI Do Security; EU Cyber on Fire
What's hot in security🌶️ | Oct. 1st - Oct. 8th, 2025
Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth at Monad and former detection engineer in big tech. Each week, I bring you the latest security product innovation and industry news. Subscribe to receive weekly updates!
Triage Your Vulnerability Backlog with AI Agents
Vulnerability management is broken: bloated backlogs, endless false positives, and constant pressure. Maze was built to solve the broken process with AI agents that autonomously triage and resolve cloud CVE findings.
Faster fixes, fewer escalations, and finally, only working on vulns that actually matter.
Howdy! 🤠
Fall is in full effect and it’s no different in the security space. Significant burst of fundraising from the EU security scene this past week with ~$90M raised across 3 companies. This week’s sponsor, Maze, has also made a major splash on the vuln management and EU scene with rapid headcount and customer growth. $31M seed raised earlier this year. EU cyber is on fire.
More highlights from this past week were OpenAI and Anthropic giving us a behind the scenes look at what their security R&D teams have been up to. More on that in the sections to come.
On the personal side, lots of padel and laying brick after brick at Monad 🔨
Alright, let’s dive in!
TL;DR 📰
🎭 OpenAI has disrupted 40+ malicious AI campaigns - Russian, Chinese, NK state actors using ChatGPT for influence ops, phishing, malware
📖 GTIG releases ShinyHunters defense guide - Detection and hardening recommendations for defending against UNC 6040
🎯 Threat Hunting + AI Top Security Investment Priorities, PwC Finds - Survey of 3,887 execs across 72 countries
🏴‍☠️ North Korean hackers steal record $2B in crypto - 30+ crypto-heists attributed to NK actors this year, mostly via social engineering; $2B+ total
🧪 Anthropic’s Claude Sonnet 4.5 doubles security capabilities - 76.5% success on Cybench challenges. Patching at 15% accuracy
🏗️ AWS releases EKS Auto Mode security whitepaper - Fully-managed K8s worker nodes eliminate need for managed node groups
📧 Varonis unleashes Interceptor, AI-native email security. I’d imagine this builds on the core capabilities from their SlashNext acquisition in September.
🤝 September M&A roundup: 40 security deals - Big month with Mitsubishi’s Nozomi acquisition being the largest ($883M)
🎣 MokN raises $3M for phish-back honeypots - French startup deploys bait pages to catch attackers using phished credentials; alerts only on successful auth
📈 Oneleet raises $33M Series A - Amsterdam startup combines attack surface management, code scanning, and GRC; tackles both compliance and security
🚀 Filigran raises $58M Series C - French exposure management platform backed by threat intel and adversary emulation; Eurazeo leads round
⚒️ Picks of the Week ⚒️
How OpenAI disrupts malicious uses of AI - October Edition

OpenAI and other foundation model labs have a front-row seat to how attackers weaponize AI. OpenAI has disrupted over 40 threat campaigns over the past 18 months, and in this 37-page report they go over a few of the more prominent campaigns and how they’ve observed (and prevented) attackers weaponizing ChatGPT.
Campaigns include Russian, Chinese, and North Korean state actors. Tactics range from generating AI videos for influence operations to writing better phishing emails to malware development. OpenAI concludes that their models help identify threat campaigns 3x more than they enable them, and that most nefarious AI use is to help automate tedious tasks as opposed to developing novel TTPs.
Read the full pdf here
GTIG releases security guidance to defend against ShinyHunters
Google Threat Intelligence Group (GTIG) has released a (very) comprehensive guide on how to detect and protect against the ShinyHunters (UNC 6040) group, which is responsible for some of the highest-profile breaches over the past 2 years.
The report covers their attack patterns, detection opportunities, and hardening recommendations. Massive kudos to the GTIG team. Highly recommend dissecting this if you’re responsible for SaaS, Cloud, and/or SecOps. Big alpha in it.
Report here.
Threat Hunting + AI Top Security Investment Priorities - PwC Survey
PwC surveyed 3,887 executives across 72 countries on cybersecurity readiness in a “post-globalization era”... Whatever that means lol
Anyways, I think the two most interesting data points are security leaders’ top priorities over the next year (depicted above) and the fact that 51% of orgs surveyed are rolling out or testing quantum-resistant ‘measures’.
North Korean cryptojackers have stolen over $2 billion in crypto this year
With 3 months left in the year, NK-linked attackers have already recorded an annual record high w/ $2B stolen in cryptocurrency. The Bybit exchange hack back in Feb. is probably the most notable coming in at $1.46B. ~30 ‘crypto-heists’ have been attributed to NK actors this year w/ most being via social engineering. Why burn 0-days when you can send fake job offers?
In all seriousness, that’s a lot of money. Where’s it all going?
New AWS whitepaper: Security Overview of Amazon EKS Auto Mode
Amazon EKS Auto Mode is a service that provides fully-managed worker node operations, eliminating the need for customers to set up Managed Node Groups or AutoScaling groups. This aims to reduce the operational burden of setting up and managing K8s clusters. Not sure how I feel about this for critical workloads but worth a shot given Amazon’s scale + proven track record.
Check out the white paper here.
Cybersecurity M&A Roundup: 40 Deals Announced in September 2025
Lots of money and companies exchanged hands in security this past month. 40 total M&A deals. AI security + data pipeline segment on fire. Notable acquisitions included:
Mitsubishi Electric acquiring Nozomi Networks for ~$883 million in cash to take full ownership
Check Point plans to acquire Lakera (reportedly ~$300 million)
Cato Networks acquiring Aim Security (estimated $300–350 million)
CrowdStrike acquiring Pangea (roughly $260 million)
F5 acquiring CalypsoAI for $180 million
🔮 The Future of Security 🔮
Application Security
Anthropic - Building AI for Cyber Defenders
Anthropic released Claude Sonnet 4.5 with better security capabilities, achieving a 76.5% success rate on Cybench challenges (doubled from 35.9% six months ago).
The model matches or beats their flagship Opus 4.1 at finding vulnerabilities while being cheaper and faster. Anthropic explicitly focused on defensive capabilities like vulnerability discovery and patching.
Re: patching - 15% of the Claude-generated patches were judged to be “semantically equivalent to the human-generated patches.”
In conclusion, vuln discovery + reproduction = getting better. Vuln patching accuracy = long way to go.
Email Security
Varonis Unleashes Interceptor: AI-Native Email Security
Varonis unveils Interceptor, AI-native email security. I’d imagine this builds on the core capabilities from their SlashNext acquisition in September. Varonis is deeply integrated across the data and AI stack; by cross-pollinating signal/context and adding email security capabilities, I’d say they have one of the most potent email security solutions on the market.
Kudos to Varonis on the rapid integration of SlashNext!
Identity and Access Management Security
MokN Raises $3 Million for Phish-Back Solution
MokN, a French security startup, has raised a $3m seed. I must say I’m impressed. They deploy ‘Baits’/honeypot pages to lure attackers into inputting phished credentials. In theory, you’re only alerted when attackers successfully authenticate. Novel approach to an age-old problem.
Governance, Risk, and Compliance
Oneleet Raises $33 Million for Security Compliance Platform
Amsterdam-based Oneleet has raised a $33m Series A. The startup pairs attack surface management with code scanning and GRC. Love to see vendors prioritizing both sides of the coin. Compliance is not true security and security does not equal compliance. You need to nail both and most vendors only do one or the other.
Security Operations
BlueVoyant and Axio Join Forces to Bring Clarity to Cybersecurity Value
BlueVoyant and Axio have partnered to integrate Axio’s cyber risk quantification tech with BlueVoyant’s security operations platform. The goal: generate ROI-style reports for security investments.
Vulnerability Management
Filigran Raises $58 Million in Series C Funding
Filigran, a French security startup, has raised a $58m Series C from Eurazeo’s Growth team, with additional support from Deutsche Telekom (T.Capital) and previous investors Accel and Insight Partners.
The company does exposure management backed by threat intel and adversary emulation.
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~7,500 CISOs, practitioners, founders, and investors across 125+ countries 🌎
Bye for now 👋🏽
That’s all for this week… See you next week!
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.