Project Overwatch
@project-overwatch.bsky.social
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience. We provide insightful analysis and actionable intelligence to help you navigate our rapidly evolving digital landscape.
The pattern is clear: AI infrastructure is now both the weapon AND the target.
Security teams must evolve from protecting against human attackers to defending against AI-powered, self-propagating threats.
How is your organization preparing for this shift?
📧 www.project-overwatch.com
Security teams must evolve from protecting against human attackers to defending against AI-powered, self-propagating threats.
How is your organization preparing for this shift?
📧 www.project-overwatch.com
Project Overwatch
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience. We provide insightful analysis and actionable intelligence to help you navigate our...
www.project-overwatch.com
November 23, 2025 at 1:02 PM
The pattern is clear: AI infrastructure is now both the weapon AND the target.
Security teams must evolve from protecting against human attackers to defending against AI-powered, self-propagating threats.
How is your organization preparing for this shift?
📧 www.project-overwatch.com
Security teams must evolve from protecting against human attackers to defending against AI-powered, self-propagating threats.
How is your organization preparing for this shift?
📧 www.project-overwatch.com
Quick hits from today:
- Doppel raised $70M Series C for AI anti-phishing
- Google patched 7th Chrome zero-day, credit to Big Sleep AI
- Cisco warns AI makes legacy system attacks easier
- netskope finds LLM malware still too unreliable for real attacks
- Doppel raised $70M Series C for AI anti-phishing
- Google patched 7th Chrome zero-day, credit to Big Sleep AI
- Cisco warns AI makes legacy system attacks easier
- netskope finds LLM malware still too unreliable for real attacks
November 23, 2025 at 1:02 PM
Quick hits from today:
- Doppel raised $70M Series C for AI anti-phishing
- Google patched 7th Chrome zero-day, credit to Big Sleep AI
- Cisco warns AI makes legacy system attacks easier
- netskope finds LLM malware still too unreliable for real attacks
- Doppel raised $70M Series C for AI anti-phishing
- Google patched 7th Chrome zero-day, credit to Big Sleep AI
- Cisco warns AI makes legacy system attacks easier
- netskope finds LLM malware still too unreliable for real attacks
Microsoft fights back with AI-powered predictive defense
New Defender features include:
- Predictive Shielding - anticipates attacker moves
- Unified posture management for AI agents
- Auto attack disruption across AWS, Okta, Proofpoint
Shifting from reactive to predictive security
New Defender features include:
- Predictive Shielding - anticipates attacker moves
- Unified posture management for AI agents
- Auto attack disruption across AWS, Okta, Proofpoint
Shifting from reactive to predictive security
November 23, 2025 at 1:02 PM
Microsoft fights back with AI-powered predictive defense
New Defender features include:
- Predictive Shielding - anticipates attacker moves
- Unified posture management for AI agents
- Auto attack disruption across AWS, Okta, Proofpoint
Shifting from reactive to predictive security
New Defender features include:
- Predictive Shielding - anticipates attacker moves
- Unified posture management for AI agents
- Auto attack disruption across AWS, Okta, Proofpoint
Shifting from reactive to predictive security
AnthropicAI's Claude Code had critical RCE vuln
CVE-2025-64755 allowed remote code execution via malicious prompts
- Bypassed security through sed command parsing
- Could be triggered from Git repos or web pages
- Shows regex filters insufficient for AI tools
specterops.io/blog/2025/11...
CVE-2025-64755 allowed remote code execution via malicious prompts
- Bypassed security through sed command parsing
- Could be triggered from Git repos or web pages
- Shows regex filters insufficient for AI tools
specterops.io/blog/2025/11...
An Evening with Claude (Code) - SpecterOps
This blog post explores a bug, (CVE-2025-64755), I found while trying to find a command execution primitive within Claude Code to demonstrate the risks of web-hosted MCP to a client.
specterops.io
November 23, 2025 at 1:02 PM
AnthropicAI's Claude Code had critical RCE vuln
CVE-2025-64755 allowed remote code execution via malicious prompts
- Bypassed security through sed command parsing
- Could be triggered from Git repos or web pages
- Shows regex filters insufficient for AI tools
specterops.io/blog/2025/11...
CVE-2025-64755 allowed remote code execution via malicious prompts
- Bypassed security through sed command parsing
- Could be triggered from Git repos or web pages
- Shows regex filters insufficient for AI tools
specterops.io/blog/2025/11...
Model Context Protocol gets emergency security overhaul
After malicious MCP servers stole thousands of emails, the protocol is adding:
- Server identity verification
- Formal authorization requirements
- Registry system for trusted tools
www.lakera.ai/blog/what-th...
After malicious MCP servers stole thousands of emails, the protocol is adding:
- Server identity verification
- Formal authorization requirements
- Registry system for trusted tools
www.lakera.ai/blog/what-th...
What the New MCP Specification Means to You, and Your Agents | Lakera – Protecting AI teams that disrupt the world.
The new MCP spec changes how AI agents identify servers, authenticate, run tasks, and manage risk. See what’s new and what it means for securing agentic systems.
www.lakera.ai
November 23, 2025 at 1:02 PM
Model Context Protocol gets emergency security overhaul
After malicious MCP servers stole thousands of emails, the protocol is adding:
- Server identity verification
- Formal authorization requirements
- Registry system for trusted tools
www.lakera.ai/blog/what-th...
After malicious MCP servers stole thousands of emails, the protocol is adding:
- Server identity verification
- Formal authorization requirements
- Registry system for trusted tools
www.lakera.ai/blog/what-th...
ServiceNow AI agents tricked into betraying each other
Researchers found agents can be manipulated to recruit MORE PRIVILEGED agents for unauthorized actions
- Works via second-order prompt injection
- Exploits default team collaboration features
- No bug - it's by design 😬
Researchers found agents can be manipulated to recruit MORE PRIVILEGED agents for unauthorized actions
- Works via second-order prompt injection
- Exploits default team collaboration features
- No bug - it's by design 😬
November 23, 2025 at 1:02 PM
ServiceNow AI agents tricked into betraying each other
Researchers found agents can be manipulated to recruit MORE PRIVILEGED agents for unauthorized actions
- Works via second-order prompt injection
- Exploits default team collaboration features
- No bug - it's by design 😬
Researchers found agents can be manipulated to recruit MORE PRIVILEGED agents for unauthorized actions
- Works via second-order prompt injection
- Exploits default team collaboration features
- No bug - it's by design 😬
ShadowRay 2.0 botnet is weaponizing AI against itself
Threat actors exploited Ray AI framework vulnerabilities, turning GPU clusters into a self-propagating worm
- 230,000+ Ray servers exposed globally
- Uses Ray's own orchestration to spread
- Targets startups & research orgs
Threat actors exploited Ray AI framework vulnerabilities, turning GPU clusters into a self-propagating worm
- 230,000+ Ray servers exposed globally
- Uses Ray's own orchestration to spread
- Targets startups & research orgs
November 23, 2025 at 1:02 PM
ShadowRay 2.0 botnet is weaponizing AI against itself
Threat actors exploited Ray AI framework vulnerabilities, turning GPU clusters into a self-propagating worm
- 230,000+ Ray servers exposed globally
- Uses Ray's own orchestration to spread
- Targets startups & research orgs
Threat actors exploited Ray AI framework vulnerabilities, turning GPU clusters into a self-propagating worm
- 230,000+ Ray servers exposed globally
- Uses Ray's own orchestration to spread
- Targets startups & research orgs
How is your organization approaching AI agents in security operations? Are you seeing similar ROI, or still evaluating the risks?
For deeper analysis on enterprise AI security trends and practical implementation strategies, check out our newsletter: www.project-overwatch.com
For deeper analysis on enterprise AI security trends and practical implementation strategies, check out our newsletter: www.project-overwatch.com
Project Overwatch
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience. We provide insightful analysis and actionable intelligence to help you navigate our...
www.project-overwatch.com
November 22, 2025 at 3:20 PM
How is your organization approaching AI agents in security operations? Are you seeing similar ROI, or still evaluating the risks?
For deeper analysis on enterprise AI security trends and practical implementation strategies, check out our newsletter: www.project-overwatch.com
For deeper analysis on enterprise AI security trends and practical implementation strategies, check out our newsletter: www.project-overwatch.com
Key takeaway for security leaders:
The question isn't "if" AI agents will transform your security posture - it's "how fast" you can implement them safely.
Early adopters allocate 50%+ of AI budgets to agents and see 88% ROI.
The window is closing.
The question isn't "if" AI agents will transform your security posture - it's "how fast" you can implement them safely.
Early adopters allocate 50%+ of AI budgets to agents and see 88% ROI.
The window is closing.
November 22, 2025 at 3:20 PM
Key takeaway for security leaders:
The question isn't "if" AI agents will transform your security posture - it's "how fast" you can implement them safely.
Early adopters allocate 50%+ of AI budgets to agents and see 88% ROI.
The window is closing.
The question isn't "if" AI agents will transform your security posture - it's "how fast" you can implement them safely.
Early adopters allocate 50%+ of AI budgets to agents and see 88% ROI.
The window is closing.
But here's the challenge: 37% of executives cite data privacy/security as their #1 concern when evaluating LLM providers.
The solution? Build AI security from day one with:
• Robust data governance
• Enterprise security frameworks
• Human-in-the-loop oversight
The solution? Build AI security from day one with:
• Robust data governance
• Enterprise security frameworks
• Human-in-the-loop oversight
November 22, 2025 at 3:20 PM
But here's the challenge: 37% of executives cite data privacy/security as their #1 concern when evaluating LLM providers.
The solution? Build AI security from day one with:
• Robust data governance
• Enterprise security frameworks
• Human-in-the-loop oversight
The solution? Build AI security from day one with:
• Robust data governance
• Enterprise security frameworks
• Human-in-the-loop oversight
Google Security Operations customers are seeing:
💰 $1.2M saved over 3 years
⚡ 70% reduction in breach risk/cost
🚀 50% faster mean time to respond
📈 65% faster mean time to investigate
These aren't projections. These are results.
💰 $1.2M saved over 3 years
⚡ 70% reduction in breach risk/cost
🚀 50% faster mean time to respond
📈 65% faster mean time to investigate
These aren't projections. These are results.
November 22, 2025 at 3:20 PM
Google Security Operations customers are seeing:
💰 $1.2M saved over 3 years
⚡ 70% reduction in breach risk/cost
🚀 50% faster mean time to respond
📈 65% faster mean time to investigate
These aren't projections. These are results.
💰 $1.2M saved over 3 years
⚡ 70% reduction in breach risk/cost
🚀 50% faster mean time to respond
📈 65% faster mean time to investigate
These aren't projections. These are results.
The shift from reactive to PROACTIVE defense is happening now.
AI agents handle:
• Malware analysis
• Alert triage & investigation
• Detection engineering
• Incident response workflows
Your analysts focus on critical threat hunting, not routine tasks.
AI agents handle:
• Malware analysis
• Alert triage & investigation
• Detection engineering
• Incident response workflows
Your analysts focus on critical threat hunting, not routine tasks.
November 22, 2025 at 3:20 PM
The shift from reactive to PROACTIVE defense is happening now.
AI agents handle:
• Malware analysis
• Alert triage & investigation
• Detection engineering
• Incident response workflows
Your analysts focus on critical threat hunting, not routine tasks.
AI agents handle:
• Malware analysis
• Alert triage & investigation
• Detection engineering
• Incident response workflows
Your analysts focus on critical threat hunting, not routine tasks.
Early adopters are seeing massive ROI:
✅ 85% improved threat identification (vs 77% average)
✅ 85% better intelligence/response integration
✅ 65% reduction in time to resolution
✅ 58% fewer security tickets
Speed + precision = competitive edge.
✅ 85% improved threat identification (vs 77% average)
✅ 85% better intelligence/response integration
✅ 65% reduction in time to resolution
✅ 58% fewer security tickets
Speed + precision = competitive edge.
November 22, 2025 at 3:20 PM
Early adopters are seeing massive ROI:
✅ 85% improved threat identification (vs 77% average)
✅ 85% better intelligence/response integration
✅ 65% reduction in time to resolution
✅ 58% fewer security tickets
Speed + precision = competitive edge.
✅ 85% improved threat identification (vs 77% average)
✅ 85% better intelligence/response integration
✅ 65% reduction in time to resolution
✅ 58% fewer security tickets
Speed + precision = competitive edge.
AI agents have moved beyond assistance to AUTONOMY in security operations.
46% of organizations using AI agents deploy them for security ops and cybersecurity - making it the top use case across 5 of 7 surveyed industries.
This isn't hype anymore. It's strategic advantage.
46% of organizations using AI agents deploy them for security ops and cybersecurity - making it the top use case across 5 of 7 surveyed industries.
This isn't hype anymore. It's strategic advantage.
November 22, 2025 at 3:20 PM
AI agents have moved beyond assistance to AUTONOMY in security operations.
46% of organizations using AI agents deploy them for security ops and cybersecurity - making it the top use case across 5 of 7 surveyed industries.
This isn't hype anymore. It's strategic advantage.
46% of organizations using AI agents deploy them for security ops and cybersecurity - making it the top use case across 5 of 7 surveyed industries.
This isn't hype anymore. It's strategic advantage.
We're witnessing AI's evolution from helpful assistant to autonomous cyber weapon.
As attackers deploy AI at machine speed, defenders need equally advanced AI tools to respond.
What's your take on AI-vs-AI cyber warfare?
Get cyber AI insights: www.project-overwatch.com
As attackers deploy AI at machine speed, defenders need equally advanced AI tools to respond.
What's your take on AI-vs-AI cyber warfare?
Get cyber AI insights: www.project-overwatch.com
Project Overwatch
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience. We provide insightful analysis and actionable intelligence to help you navigate our...
www.project-overwatch.com
November 16, 2025 at 2:57 PM
We're witnessing AI's evolution from helpful assistant to autonomous cyber weapon.
As attackers deploy AI at machine speed, defenders need equally advanced AI tools to respond.
What's your take on AI-vs-AI cyber warfare?
Get cyber AI insights: www.project-overwatch.com
As attackers deploy AI at machine speed, defenders need equally advanced AI tools to respond.
What's your take on AI-vs-AI cyber warfare?
Get cyber AI insights: www.project-overwatch.com
Other key updates:
- OWASP released 2025 Top 10 risks (prompt injection still #1 for GenAI)
- Google Cloud launched Unified Security with CrowdStrike, Fortinet, Wiz
- Tenzai raised $75M seed for AI pentesting
- Nvidia patched RCE flaws in NeMo framework
- OWASP released 2025 Top 10 risks (prompt injection still #1 for GenAI)
- Google Cloud launched Unified Security with CrowdStrike, Fortinet, Wiz
- Tenzai raised $75M seed for AI pentesting
- Nvidia patched RCE flaws in NeMo framework
November 16, 2025 at 2:57 PM
Other key updates:
- OWASP released 2025 Top 10 risks (prompt injection still #1 for GenAI)
- Google Cloud launched Unified Security with CrowdStrike, Fortinet, Wiz
- Tenzai raised $75M seed for AI pentesting
- Nvidia patched RCE flaws in NeMo framework
- OWASP released 2025 Top 10 risks (prompt injection still #1 for GenAI)
- Google Cloud launched Unified Security with CrowdStrike, Fortinet, Wiz
- Tenzai raised $75M seed for AI pentesting
- Nvidia patched RCE flaws in NeMo framework
AWS researchers used AI detection to uncover 150,000+ malicious npm packages in a massive "token farming" scheme.
Instead of stealing data, attackers exploited tea.xyz's reward system - showing how economic incentives create new attack vectors.
aws.amazon.com/blogs/securi...
Instead of stealing data, attackers exploited tea.xyz's reward system - showing how economic incentives create new attack vectors.
aws.amazon.com/blogs/securi...
Amazon Inspector detects over 150,000 malicious packages linked to token farming campaign | Amazon Web Services
Amazon Inspector security researchers have identified and reported over 150,000 packages linked to a coordinated tea.xyz token farming campaign in the npm registry. This is one of the largest package ...
aws.amazon.com
November 16, 2025 at 2:57 PM
AWS researchers used AI detection to uncover 150,000+ malicious npm packages in a massive "token farming" scheme.
Instead of stealing data, attackers exploited tea.xyz's reward system - showing how economic incentives create new attack vectors.
aws.amazon.com/blogs/securi...
Instead of stealing data, attackers exploited tea.xyz's reward system - showing how economic incentives create new attack vectors.
aws.amazon.com/blogs/securi...
New research reveals LLMs can predict their own malicious compliance with 90%+ accuracy using "Structured Self-Modeling."
GPT-4o showed the highest self-awareness - a dual-use capability for both attackers probing weaknesses and defenders screening inputs.
GPT-4o showed the highest self-awareness - a dual-use capability for both attackers probing weaknesses and defenders screening inputs.
November 16, 2025 at 2:57 PM
New research reveals LLMs can predict their own malicious compliance with 90%+ accuracy using "Structured Self-Modeling."
GPT-4o showed the highest self-awareness - a dual-use capability for both attackers probing weaknesses and defenders screening inputs.
GPT-4o showed the highest self-awareness - a dual-use capability for both attackers probing weaknesses and defenders screening inputs.
Meanwhile, researchers uncovered "ShadowMQ" - a critical vulnerability spreading across AI inference infrastructure.
The flaw enables remote code execution through insecure deserialization, affecting Nvidia TensorRT-LLM and other major platforms.
www.oligo.security/blog/shadowm...
The flaw enables remote code execution through insecure deserialization, affecting Nvidia TensorRT-LLM and other major platforms.
www.oligo.security/blog/shadowm...
Critical RCE Flaws Found Across Major AI Inference Servers | Oligo Security
Oligo Security uncovers widespread RCE vulnerabilities in Meta, NVIDIA, Microsoft, vLLM, SGLang, and Modular AI servers linked to unsafe ZeroMQ and pickle use.
www.oligo.security
November 16, 2025 at 2:57 PM
Meanwhile, researchers uncovered "ShadowMQ" - a critical vulnerability spreading across AI inference infrastructure.
The flaw enables remote code execution through insecure deserialization, affecting Nvidia TensorRT-LLM and other major platforms.
www.oligo.security/blog/shadowm...
The flaw enables remote code execution through insecure deserialization, affecting Nvidia TensorRT-LLM and other major platforms.
www.oligo.security/blog/shadowm...
Key limitation: The model occasionally hallucinated credentials or fabricated findings, requiring human validation.
But this barrier for launching automated cyber operations has now been substantially lowered.
Full technical report: assets.anthropic.com/m/ec212e6566...
But this barrier for launching automated cyber operations has now been substantially lowered.
Full technical report: assets.anthropic.com/m/ec212e6566...
assets.anthropic.com
November 16, 2025 at 2:57 PM
Key limitation: The model occasionally hallucinated credentials or fabricated findings, requiring human validation.
But this barrier for launching automated cyber operations has now been substantially lowered.
Full technical report: assets.anthropic.com/m/ec212e6566...
But this barrier for launching automated cyber operations has now been substantially lowered.
Full technical report: assets.anthropic.com/m/ec212e6566...
Anthropic confirmed Chinese state-sponsored hackers bypassed safety features through clever "jailbreaking" - framing malicious tasks as security tests and breaking them into isolated requests.
The AI operated with minimal human oversight. 🤖
The AI operated with minimal human oversight. 🤖
November 16, 2025 at 2:57 PM
Anthropic confirmed Chinese state-sponsored hackers bypassed safety features through clever "jailbreaking" - framing malicious tasks as security tests and breaking them into isolated requests.
The AI operated with minimal human oversight. 🤖
The AI operated with minimal human oversight. 🤖
The landscape is shifting rapidly: encryption alone isn't enough, malware is getting smarter, and trusted platforms are becoming attack vectors.
How is your organization adapting to these evolving AI security threats?
Get deeper analysis in our daily newsletter: www.project-overwatch.com
How is your organization adapting to these evolving AI security threats?
Get deeper analysis in our daily newsletter: www.project-overwatch.com
Project Overwatch
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience. We provide insightful analysis and actionable intelligence to help you navigate our...
www.project-overwatch.com
November 9, 2025 at 5:47 PM
The landscape is shifting rapidly: encryption alone isn't enough, malware is getting smarter, and trusted platforms are becoming attack vectors.
How is your organization adapting to these evolving AI security threats?
Get deeper analysis in our daily newsletter: www.project-overwatch.com
How is your organization adapting to these evolving AI security threats?
Get deeper analysis in our daily newsletter: www.project-overwatch.com