Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

RK3588 Chip Gains Traction in Security and Edge AI Hardware

Security camera manufacturers and edge AI developers are increasingly building around a single processor: the Rockchip RK3588, a system-on-chip designed to run AI workloads locally rather than depending on cloud infrastructure. As detailed by KiwiPi, the chip's built-in Neural Processing Unit is the main reason it has become a preferred choice for devices that need fast, on-device recognition and analysis.

From Viral Social Media Sensation to Mobile Gaming Partnership: Inside Vozinha's Deal with UFL

The intersection of unexpected sporting success and digital viral phenomena has created an entirely new blueprint for athlete monetization and brand building in the modern mobile era. This dynamic is clearly illustrated by Cape Verdean national goalkeeper Vozinha, whose sudden rise to global online prominence has swiftly translated into a major commercial partnership within the gaming sector.

The Internet Knows More About You Than Your Neighbors Do

A few years ago, online privacy felt like something reserved for tech experts, conspiracy theorists, and people who covered their laptop cameras with tape. Today, it feels a lot more personal. Every online purchase, every account sign-up, every late-night search, and every public Wi-Fi connection- there are little digital footprints left. All by themselves, they are not that dangerous. They form an amazingly comprehensive profile of yourself.

Sophos Launches Sophos Fusion, the Industry's First and Most Complete AI-Native Cybersecurity Defense System

Built for a threat landscape reshaped by AI, Sophos Fusion unites security operations, endpoint, network security, identity, email, and cloud into one defense system that prevents, detects, investigates, and responds at AI speed.

Pulse Security Debuts Operational Management Platform Built for Security Leaders

Backed by Foundation Capital and Zetta Venture Partners with $8M in seed funding, Pulse Security delivers the program intelligence and agentic infrastructure that security leaders have been missing. Pulse Security AI launched from stealth today to solve a problem the security industry has spent decades ignoring: giving the leader who runs the program the same operational foundation every other business function takes for granted.

Ep. 68 - Why OWASP's AIVSS Scores Agentic AI at Maximum Risk

OWASP just shipped AIVSS — an entirely new vulnerability scoring methodology built for autonomous AI agents, where a compromised orchestrator can score a perfect 10. Host Tova Dvorin and Adrian break down the "amplification principle": why a 2.1 CVSS finding becomes a 7.1 in the wrong agent, how persistent memory and broad tool access expand every blast radius, and what EchoLeak-style attacks already mean for real deployments. Plus where adversarial exposure validation and SafeBreach's agentic AI coverage fit in.

Ep. 67 - The Axis of Disruption: APT41, Volt Typhoon, and the China-Russia Cyber Alliance

For years, Beijing and Moscow kept their cyber tools apart. Not anymore. Hosts Tova Dvorin and Adrian Culley unpack the "no limits" partnership gone operational — the ESA/Galileo satellite attack where a Chinese Volt Typhoon cell opened the door and Russian AcidRain wiper code did the damage. We cover: APT41 running Russian exploit kits, Salt Typhoon pre-positioned in US telecom, China's 72-hour zero-day disclosure law feeding vulnerabilities to Russia, and the CVSS-10 Grimbolt flaw. Why continuous validation and a CTEM program are your best defense against the axis of disruption.

Ep. 66 - Poisoned Pipelines: TeamPCP and the FBI Flash on Weaponized Dev Tools

A criminal crew with APT-grade patience is trojanizing the very tools defenders trust. Host Tova Dvorin sits down with Adrian Culley to break down FBI FLASH-20260702-01 (coordinated with CISA) on TeamPCP — the group compromising Trivy, KICS, LiteLLM, and the Telnyx SDK to sit inside CI/CD pipelines. Inside: the CanisterWorm and SANDCLOCK credential stealers, the self-replicating "Mini Shai-Hulud" worm across npm and PyPI, npm account takeovers via expired recovery domains, and five concrete defenses — starting with searching your GitHub org for "tpcp-docs" right now.

Ep. 65 - "Months, Not Years": The Five Eyes AI Warning and Your Security Program

On June 22, 2026, the heads of all six Five Eyes cyber agencies — GCHQ, CISA, the NSA, ASD, the Canadian Centre, and New Zealand's GCSB — signed a rare joint statement: AI has rewritten the cyber risk timeline, and it's months, not years. Host Tova Dvorin and offensive security expert Adrian Culley unpack why AI is collapsing the window between vulnerability and exploit, why "having controls" isn't the same as proven controls, and why legacy systems are now strategic liabilities for the board, not the IT team. A clear-eyed look at validation, assumed breach, and what CISOs should do Monday morning.