Ai-Security

🟢 Low | Source: Schneier on Security Researchers are applying machine learning techniques to crack historical hand-written ciphers used in medieval correspondence, including diplomatic and personal communications. While academically fascinating, this work demonstrates that AI can systematically analyse and break pattern-based encryption schemes that were previously considered too obscure to decode at scale. It highlights the broader capability of AI to accelerate cryptanalysis against weak or legacy cipher designs. Architect’s Take: No immediate action is required, but this research serves as a timely reminder to audit any legacy or proprietary encryption schemes in your environment — AI-assisted cryptanalysis lowers the bar for breaking non-standard ciphers. Ensure all sensitive data at rest and in transit is protected by modern, well-vetted standards such as AES-256 and TLS 1.3, and avoid reliance on security through obscurity. ...

🟢 Low | Source: The Register — Security Anthropic has expanded its Glasswing partner programme fourfold, inducting 150 new organisations including the first non-US members, while UK banks have notably been excluded from the initiative. In parallel, OpenAI is offering UK financial institutions access to GPT-5.5, highlighting a competitive dynamic in AI partnerships within the regulated financial sector. The exclusion raises questions around data sovereignty, regulatory compliance, and which AI vendors UK-regulated entities can practically partner with. ...

🟢 Low | Source: The Register — Security Anthropic has expanded its Glasswing partner programme fourfold, inducting 150 new organisations including the first non-US members, while UK banks have notably been excluded. OpenAI has moved to fill the gap by offering UK financial institutions access to GPT-5.5. The development highlights growing competitive dynamics in enterprise AI access and raises questions about supply chain concentration risk for financial sector security teams. Architect’s Take: Cloud security architects in UK financial services should assess the security posture, data residency commitments, and compliance certifications of any AI provider they are offered as an alternative — do not treat OpenAI’s GPT-5.5 access as a like-for-like replacement for Anthropic without conducting due diligence on API security controls, data handling agreements, and regulatory alignment with FCA/PRA expectations. ...

🟢 Low | Source: The Register — Security Cisco has publicly praised its AI model ‘Mythos’ for its performance in automated vulnerability discovery but has declined to disclose the number of bugs it actually found. Separately, Anthropic has expanded its Project Glasswing initiative by adding 150 new partners, signalling growing industry investment in AI-driven security tooling. The opacity around Mythos’ results raises questions about transparency and how organisations should evaluate AI security claims. ...