John P. Mello Jr.
LightNews LightNews
banner
jpmjr.bsky.social
John P. Mello Jr.
@jpmjr.bsky.social
140 followers 170 following 320 posts
freelance writer and editor focusing on technology and cybersecurity
Posts Replies Media Videos
jpmjr.bsky.social
New tool from Cloud Security Alliance grades AI models by security, privacy and reliability, helping organizations choose trustworthy LLMs. jpmellojr.blogspot.com/2025/11/new-... #AISecurity #RiskRubric #CloudSecurityAlliance
#LLM #AIGovernance
New AI security tool lays out key exposures
A new tool that allows AI builders and users to assess the risk posed by large language models (LLMs) has been announced by the Cloud Secu...
jpmellojr.blogspot.com
November 12, 2025 at 11:04 PM
jpmjr.bsky.social
Corporate real estate AI pilots explode from 5% to 92% in just 3 years, but only 5% achieve all program goals. #AI #CommercialRealEstate #PropTech #JLL #CRE
jpmellojr.blogspot.com/2025/11/corp...
Corporate Real Estate AI Pilots Surge, ROI Still Elusive
Corporate real estate firms are enthusiastically embracing artificial intelligence, but few are achieving the goals they expected from the...
jpmellojr.blogspot.com
November 12, 2025 at 5:11 PM
jpmjr.bsky.social
Think tank warns of China's strategic economic espionage targeting American innovation and security. jpmellojr.blogspot.com/2025/11/thin... #ChinaTechThreat #NationalSecurity #ITIF #China
Think Tank Waves Red Flag Over Chinese Economic Espionage
A call to disrupt the People’s Republic of China’s economic espionage campaign against the United States was sounded in a new report by a ...
jpmellojr.blogspot.com
November 11, 2025 at 3:25 PM
jpmjr.bsky.social
Legacy vul management is out. Continuous Threat Exposure Management (CTEM) is in. Discover how it brings risk prioritization to security teams. #CTEM #Zafran #Gartner #VulnerabilityManagement jpmellojr.blogspot.com/2025/11/gart...
Gartner's CTEM advances vulnerability management
Legacy approaches to vulnerability management (VM) are failing to keep organizations secure. However, a new approach, called Continuous Th...
jpmellojr.blogspot.com
November 5, 2025 at 10:01 PM
jpmjr.bsky.social
Enterprises are overestimating cloud reliability. Rethink needed. jpmellojr.blogspot.com/2025/11/clou... #CloudReliability #EnterpriseIT #CloudComputing #CloudResilience #JuniperResearch
Cloud Reliability Requires Rethinking Dependencies
Enterprises are overestimating the reliability of their cloud providers and need to rethink their cloud strategy, according to Sam Barker,...
jpmellojr.blogspot.com
November 5, 2025 at 4:00 PM
jpmjr.bsky.social
BCG warns retailers: shoppers plan to use GenAI assistants this holiday season, shift to "Agent Engine Optimization" needed jpmellojr.blogspot.com/2025/11/reta...
#GenAI #Retail #AIShopping #Ecommerce #BCG
Retailers Risk Losing Visibility as GenAI Guides Holiday Shoppers
Shoppers will be looking for year-end deals like they always do as the holidays approach, but more of them will be using artificial intell...
jpmellojr.blogspot.com
November 4, 2025 at 3:16 PM
jpmjr.bsky.social
AI is helping dev teams move up to 4x faster, but it’s also introducing 10x more AppSec vulnerabilities. Dive into the details: jpmellojr.blogspot.com/2025/10/ai-i... #AICoding #AppSec #SoftwareRisk #Apiiro #CodingWithAI #CodeVelocity
AI is ramping up coding velocity — and risk
Developers using AI coding assistants are producing code as much as four times faster than their unassisted peers, but that code contains ...
jpmellojr.blogspot.com
October 29, 2025 at 9:25 PM
jpmjr.bsky.social
Victims of identity crime are facing record-high losses — and growing emotional fallout. jpmellojr.blogspot.com/2025/10/risi...
#IdentityTheft #IdentityCrime #ITRC
Rising ID Crime Losses Take a Growing Emotional Toll
Criminals are monetizing stolen identities at higher rates and stealing larger sums, while more victims report severe emotional distress, ...
jpmellojr.blogspot.com
October 29, 2025 at 3:10 PM
jpmjr.bsky.social
IBM has run a critical error-correction algorithm on off-the-shelf chips, pushing quantum computing closer to real-world use! jpmellojr.blogspot.com/2025/10/ibm-...
#QuantumComputing #IBM #AMD #ErrorCorrection
IBM Makes Quantum Breakthrough With Off-the-Shelf AMD Chips
IBM has run a critical error-correction algorithm on off-the-shelf chips, pushing quantum computing closer to real-world use. more
jpmellojr.blogspot.com
October 28, 2025 at 2:07 PM
jpmjr.bsky.social
The EV market is bracing for a "recalibration" in 2026 as surging depreciation and the end of key U.S. subsidies reset the industry. jpmellojr.blogspot.com/2025/10/ev-m... #EVMarket #Recalibration #ElectricVehicles #EVs
EV Market Recalibration Ahead as Prices Plunge, Subsidies End
The EV market is bracing for a "recalibration" in 2026 as surging depreciation and the end of key U.S. subsidies reset the industry. more
jpmellojr.blogspot.com
October 22, 2025 at 3:16 PM
jpmjr.bsky.social
The EV market is bracing for a "recalibration" in 2026 as surging depreciation and the end of key U.S. subsidies reset the industry. jpmellojr.blogspot.com/2025/10/ev-m... #EVMarket #Recalibration #ElectricVehicles #EVs
EV Market Recalibration Ahead as Prices Plunge, Subsidies End
The EV market is bracing for a "recalibration" in 2026 as surging depreciation and the end of key U.S. subsidies reset the industry. more
jpmellojr.blogspot.com
October 22, 2025 at 3:14 PM
jpmjr.bsky.social
OpenAI’s Sora 2 can be prompted to generate false claim videos 80% of the time, according to NewsGuard. jpmellojr.blogspot.com/2025/10/sora... #Sora2 #OpenAI #Deepfakes #Disinformation #NewsGuard
Sora 2 Generates False Videos 80% of the Time, Study Finds
New research by NewsGuard has revealed that the latest version of OpenAI’s video creation tool Sora 2 can be prompted to advance false or ...
jpmellojr.blogspot.com
October 21, 2025 at 2:22 PM
jpmjr.bsky.social
AI MCP servers have a glaring security hole: long-lived, static credentials are putting data, code, and production systems at risk. jpmellojr.blogspot.com/2025/10/mode... #AIsecurity #CredentialSecurity #MCP #APISecurity #SecretsManagement #Astrix
Model Context Protocol credential weakness raises red flags
MCP servers, which are important to the fast-developing AI stack, have a credentials problem. more
jpmellojr.blogspot.com
October 16, 2025 at 9:25 PM
jpmjr.bsky.social
Vibe coding is fast—but is it secure? Here are 5 critical lessons for AppSec teams navigating AI-generated code in production. jpmellojr.blogspot.com/2025/10/vibe...
#VibeCoding #AppSec #AIgeneratedCode #DevSecOps #LLMcoding #CodeReview #SoftwareSecurity
Vibe coding in production: 5 security lessons
Vibe-coded apps that make it to production can be a minefield for security teams. Here are key takeaways for your AppSec team. more
jpmellojr.blogspot.com
October 16, 2025 at 3:37 PM
jpmjr.bsky.social
Q3 digital ad spend saw mixed growth. Instagram (+21% YoY) and YouTube (+12% YoY) delivered strong increases. jpmellojr.blogspot.com/2025/10/q3-a...
#DigitalAdSpend #Tunuiti #AdvertisingTrends #ecommerce
Q3 Ad Spend on Largest Digital Platforms Showed Mixed Growth
Ad spending growth trends were mixed across the largest U.S. digital ad platforms in Q3, while pricing growth was weak, according to a rep...
jpmellojr.blogspot.com
October 15, 2025 at 2:56 PM
jpmjr.bsky.social
ID breaches are on the rise, with help desks being targeted! Check out the latest report from RSA jpmellojr.blogspot.com/2025/10/iden... #IdentityBreach #HelpDesk #RSA #InfoSec #SecurityThreats
Identity Breaches Surge as Help Desks Face New Threats
Identity-related system breaches are on the rise, and organizational help desks are emerging as a popular target for threat actors more
jpmellojr.blogspot.com
October 14, 2025 at 2:20 PM
jpmjr.bsky.social
Your digital perimeter isn’t what it used to be. ReversingLabs lays out 10 must-do moves to defang your attack surface before it bites back. jpmellojr.blogspot.com/2025/10/the-... #AttackSurface #RiskManagement #ASM - #SecurityStrategy #AppSec
The attack surface is expanding: 10 ways to bolster risk management
Attack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in security strategy with risk on the rise....
jpmellojr.blogspot.com
October 8, 2025 at 4:50 PM
jpmjr.bsky.social
Plugin vulnerability exploited! Get the inside scoop on the Postmark MCP attack and what it means for supply chain security.#PostmarkMCP #npm #supplyChainSecurity
jpmellojr.blogspot.com/2025/10/the-...
The Postmark MCP server attack: 5 key takeaways
The recent discovery of malicious MCP (Model Context Protocol) server code has some sobering ramifications for security teams. Here are le...
jpmellojr.blogspot.com
October 8, 2025 at 4:02 PM
jpmjr.bsky.social
Security leaders are turning to AI to empower their short-staffed teams and close skills gaps. jpmellojr.blogspot.com/2025/10/secu... #AIinSecurity #SecurityTeams #Fortinet #SkillsShortage
Security Leaders Turn to AI Amid Cyber Skills Shortage
Security leaders facing workforce shortages are turning to artificial intelligence to close the skills gaps in their organizations, accord...
jpmellojr.blogspot.com
October 8, 2025 at 3:07 PM
jpmjr.bsky.social
41% of schools in the US & UK have experienced AI-related cyber incidents, including phishing campaigns and deepfakes. #SchoolSecurity #EdTech #ArtificialIntelligence #AIinEducation
jpmellojr.blogspot.com/2025/10/41-o...
41% of Schools Face AI-Related Cyber Incidents, Study Finds
Some 41% of schools in the United States and the United Kingdom have experienced AI-related cyber incidents, ranging from phishing campaig...
jpmellojr.blogspot.com
October 7, 2025 at 7:18 PM
jpmjr.bsky.social
Researchers demonstrate how AI-powered real-time voice cloning can be used for convincing vishing attacks. jpmellojr.blogspot.com/2025/10/real... #Vishing #DeepfakeVishingttacks #RealTimeVoiceCloning #NCC
Real-Time AI Voice Cloning Powers Convincing Vishing Attacks
Cybersecurity researchers revealed Tuesday how artificial intelligence can be used to clone a person’s voice in real time to mount voice p...
jpmellojr.blogspot.com
October 1, 2025 at 4:26 PM
jpmjr.bsky.social
OpenAI drops new parental controls for teens on ChatGPT — link accounts, set quiet hours, and limit content. jpmellojr.blogspot.com/2025/09/open...
#ChatGPT #OpenAI #ParentalControls #TeenSafety
OpenAI Adds Parental Monitoring Tools for Teen ChatGPT Users
New parental controls for one of the most popular generative AI chatbots on the web were rolled out Monday by OpenAI. more
jpmellojr.blogspot.com
September 30, 2025 at 2:05 PM
jpmjr.bsky.social
The ongoing battle between shipping code fast and shipping it securely is a real challenge. Here are some strategies for AppSec teams to manage the risk. www.reversinglabs.com/blog/deadlin... #SecureCode #AppSec #SoftwareDevelopment #DevSecOps #CyberRisk
Deadlines vs. secure code: What AppSec teams can do  | ReversingLabs
AI coding and other modern development practices mean flawed code will continue to ship. Here are key recommendations for managing software risk.
www.reversinglabs.com
September 24, 2025 at 7:57 PM
jpmjr.bsky.social
Secret Service dismantles massive SIM farm. Mobile domain becoming security battleground.
jpmellojr.blogspot.com/2025/09/secr...
#MobileSecurity #SIMFarm #NationalSecurity #SecretService
Secret Service Telecom Takedown Sparks Mobile Security Fears
The takedown of a massive outlaw telecom network in the New York City metro area by the U.S. Secret Service has raised concerns about the ...
jpmellojr.blogspot.com
September 24, 2025 at 2:51 PM
jpmjr.bsky.social
Blowing the whistle just got a little easier: New DOD rule aims to protect & empower whistleblowers jpmellojr.blogspot.com/2025/09/new-... #Whistleblower #DOD #compliance #CMMC #CUI #FalseClaimsAct
New Pentagon Cyber Rule May Trigger More Whistleblowing
A new rule by the U.S. Department of Defense (DOD) aimed at beefing up cybersecurity at contractors doing business with the agency could s...
jpmellojr.blogspot.com
September 23, 2025 at 2:05 PM