by valino | May 23, 2026 | Hacking, Compliance
The most consequential AI security finding we shipped to a client in 2026 had nothing to do with prompt injection or model jailbreaks. It was an internal customer-support copilot that an enterprising employee had pointed at the company’s complete document...
by valino | May 22, 2026 | Network, Hacking
The most consequential OT security incident we worked in 2026 was caused by a domain administrator’s laptop, not by an attacker who understood industrial control systems. The attacker pivoted from a phished IT user to a flat network where the operational...
by valino | May 21, 2026 | Hacking, Compliance
The most underappreciated reality of ransomware economics in 2026 is that the criminal supply chain has matured into something resembling an enterprise software market. Affiliates pay subscription fees. Builders publish quarterly roadmaps. Negotiators have key...
by valino | May 20, 2026 | Hacking, Compliance
The most useful tabletop exercise we have ever facilitated lasted 90 minutes, involved no slide deck, and produced 14 documented gaps that the company spent the following six months closing. The exercise was deliberately uncomfortable. The CEO did not know the...
by valino | May 19, 2026 | Hacking, Phishing
The most well-meaning phishing simulation program we have audited in 2026 was producing single-digit click rates, glowing quarterly reports to the board, and — in the same period — a 47 percent click rate when an actual phishing crew targeted the organization. The...
