2026 Year of Quantum Security & WH Executive Order Commentary From Forward Edge AI

Posted in Commentary with tags on January 10, 2026 by itnerd

As quantum cybersecurity gains global traction, The Quantum Insider has declared 2026 the [Year of Quantum Security], a year-long global effort backed by the FBI and NIST, launching January 12th in Washington, D.C. The program will align policy, security practices, and coordination across the quantum ecosystem, focusing on post-quantum cryptography (PQC), quantum resilience, and IP protection.

Closely related, the White House is expected to release critical executive action mandates on quantum and post-quantum cybersecurity within the next two weeks. These actions will build directly on work already underway in the government.

Forward Edge-AI’s Isidore Quantum® system, co-developed with the U.S. government and backed by Microsoft and Lumen, is CNSA 2.0–compliant, FIPS 140-3 certified, and has been tested by every U.S. military branch. The company has already completed 32 government and commercial pilot programs that confirm scalability across defense, telecom, and critical infrastructure, proving post-quantum migration is operationally feasible now.

Lt. Gen. Ross Coffman (U.S. Army, Ret.), President of Forward Edge-AI, states: 

“It’s about time we woke up. The IC community identified this threat years ago. For the FBI and NIST to get behind the Year of Quantum Security, it means they are putting the full power of the purse and policy behind protecting the US against clear and present danger. This is a huge step for cybersecurity in a post quantum world. It affects every vertical – not just the military. It’s cliche to say that everyone from Main St. to Wall St. needs PQC protection but it affects your grandma’s ATM.”

“Other countries in Asia have sped up post-quantum cybersecurity adoption because they live next door to the largest cybersecurity threat. They know it will take a year to implement.

The government began the post-quantum migration years ago, and we’ve proven that path works, across land, air, sea, and space,” said Coffman, “We weren’t waiting for NIST timelines. Our plug and play hardware is deployed now, giving agencies a practical path to compliance.”

This will be interesting to see how this plays out as cybersecurity hasn’t been a top of mind item with this administration.

Leave a comment »

North Korean State-Sponsored Kimsuky activity targeting the government space

Posted in Commentary with tags on January 9, 2026 by itnerd

The FBI has issued a warning that North Korean state-sponsored threat actor Kimsuky is actively targeting government agencies, academic institutions, and think tanks using spear-phishing emails that contain malicious QR codes. This technique, known as “quishing,” bypasses traditional email security by embedding QR codes instead of clickable URLs, forcing victims to use unmanaged mobile devices.

Once scanned, the QR codes redirect victims through attacker-controlled domains that collect device and location data before serving mobile-optimized phishing pages impersonating Microsoft 365, Okta, or VPN login portals. By stealing session cookies, attackers can bypass MFA and hijack cloud identities. Because the initial compromise occurs outside standard EDR and network visibility, the FBI now considers quishing a high-confidence, MFA-resilient identity intrusion vector. Kimsuky has used this approach in recent espionage campaigns and has been active since at least 2012.

Chris Pierson, Founder and CEO, BlackCloak had this to say:

“Quishing is a reminder that attackers are deliberately shifting the point of compromise away from corporate infrastructure and onto personal, unmanaged devices where security controls are weakest. When executives or staff scan a QR code on their phone, they are often stepping completely outside the organization’s detection and response capabilities. That makes identity theft and session hijacking far more likely, even in environments with MFA enabled. Organizations need to treat mobile devices and digital behavior as part of the attack surface, not an edge case. Executive protection strategies must account for how attackers blend convenience, trust, and mobile workflows to bypass traditional defenses.”

Will Baxter, Field CISO, Team Cymru follows with this:

“Kimsuky’s use of quishing highlights a broader shift among nation-state actors toward identity-centric intrusion rather than malware-heavy attack chains. QR-based phishing evades traditional email controls while allowing attackers to profile the victim’s device and environment before delivering tailored lures. When session cookies or cloud tokens are stolen, MFA can be bypassed entirely, turning identities into reusable assets for follow-on espionage. This is why defenders need visibility beyond the network edge—correlating external threat intelligence with identity telemetry to spot infrastructure reuse and disrupt these campaigns earlier in the kill chain.”

If you want to learn more about Quishing and how to protect yourself, this link from Cloudflare can help you. This is handy information as this is clearly a popular means of attack from threat actors.

Leave a comment »

Highlights from HP’s Latest Product Launches At CES

Posted in Commentary with tags on January 9, 2026 by itnerd

As CES 2026 concludes in Las Vegas today, here’s a recap HP’s presence at the show along with a few highlights. From AI-powered PCs to gaming and everyday computing, HP announced a range of updates focused on how AI is showing up more meaningfully across work and life. 

  • Shaping the future of work: HP introduced a new generation of AI-powered PCs and devices, including the industry’s first AI PC built directly into a keyboard, alongside refreshed EliteBook and OmniBook portfolios designed for hybrid, AI-intensive workflows. 
  • Reimagining the desk: HP unveiled new desk-centric products at CES, including the EliteBoard G1a Next-Gen AI PC, the world’s first full PC built into a keyboard, and the HP Series 7 Pro 4K Monitor with Neo:LED display technology, designed to support more flexible and visually immersive work setups. 
  • Driving intelligent work forward: From Microsoft Copilot integration at the printer to enhanced IT management and recovery tools, HP expanded its AI ecosystem to help simplify workflows and improve the employee experience.  
  • The future of play: HP unified OMEN and HyperX under a single gaming vision, introducing new hardware and experiences built to deliver uncompromised performance for gamers and creators. 
  • Powering everyday life: HP announced updates across its consumer and creative portfolio, including new OmniBook notebooks, the OmniStudio X 27 All-in-One desktop, refreshed Chromebook models, and expanded software experiences, reinforcing its focus on AI-enabled devices designed to support how people live, work and create every day. 

Leave a comment »

Things Get Worse For Elon Musk As US Senators Want The Twitter And Grok Apps Removed From App Stores

Posted in Commentary with tags , on January 9, 2026 by itnerd

Elon Musk will likely have to hit the drug of his choice to deal with the headache that Grok and its bad behaviour is going to cause him. I say that because in a letter to Apple CEO Tim Cook and Google CEO Sundar Pichai, U.S. Senators Ron Wyden, Ben Ray Lujan, and Edward Markey have said this:

We write to ask that you enforce your app stores’ terms of service against X Corp’s (hereafter, “X”) X and Grok apps for their mass generation of nonconsensual sexualized images of women and children. X’s generation of these harmful and likely illegal depictions of women and children has shown complete disregard for your stores’ distribution terms. Apple and Google must remove these apps from the app stores until X’s policy violations are addressed.

Now Elon may not care about what the EU or the UK has to say. But this request from these US senators will get his attention and make it clear that paywalling the ability to create objectionable content isn’t nearly enough to deal with this issue. I for one am hoping that other countries jump on the bandwagon and do something like this. If not more.

Leave a comment »

Elon Musk Limits Image Generation For Grok AI To Paid Subscribers…. That’s Not Good Enough

Posted in Commentary with tags on January 9, 2026 by itnerd

Earlier this week, it came to light that Grok AI which is Elon Musk’s AI chatbot was letting users create objectionable content. This predictably resulted in massive amounts of blowback from the average joe to politicians and national leaders. Elon and company didn’t seem too concerned about the blowback. But that changed today. From the BBC:

There has been a significant backlash after the chatbot honoured requests from users to digitally alter images of other people by undressing them without their consent.

But Grok is now telling people asking it to make such material that only paid subscribers would be able to do so – meaning their name and payment information must be on file.

So what Elon and company have done is monetise this feature rather than addressing the fact that this AI chatbot should never do something like this. The fact is this is not acceptable and not nearly enough is being done by Elon and company to address this. Clearly Elon does not care about the harm that his AI causes. And quite frankly he needs to be punished for this. I’d start with banning Grok and potentially Twitter along with it. He needs to face consequences for his actions. And the harsher those punishments are, the better.

1 Comment »

Forward Edge-AI Announces Global Channel Ecosystem With More Than Two Dozen New Partners

Posted in Commentary with tags on January 9, 2026 by itnerd

Forward Edge-AI today announced its global channel partner ecosystem, adding more than two dozen new partners across North America, Europe, Asia-Pacific, and the Middle East. The channel expansion supports rising demand for deployable post-quantum cybersecurity solutions as government mandates and enterprise risk timelines accelerate. 

Furthermore, The Quantum Insider has declared 2026 as the Year of Quantum Security, “a coordinated, year-long global effort focused on post-quantum cryptography, quantum resilience, and the responsible protection of quantum technologies and the intellectual property that underpins them…as quantum systems move toward operational use.”  

Forward Edge-AI’s new partners include a joint venture in Japan, value-added resellers, systems integrators, managed security service providers, and regional distributors serving defense, critical infrastructure, telecommunications, healthcare, and industrial markets. Together, they extend Forward Edge-AI’s ability to deliver post-quantum protection at scale, particularly in environments where latency, operational continuity, and regulatory compliance are critical. Channel partners such as Accrete – its joint venture partner in Japan,Aspiration, Cubic, Lumen, Microsoft, Wisecube and others are servicing international government contracts, and customers in finance, healthcare, space, manufacturing, insurance and critical infrastructure. 

Channel Expansion Addresses Immediate Post-Quantum Readiness Gaps

The channel program is centered on Isidore Quantum®, Forward Edge-AI’s plug-and-play hardware-based post-quantum encryption platform designed to secure data in transit without requiring software rewrites, PKI dependencies, or network re-architecture. The platform is a zero trust, protocol-agnostic CNSA 2.0 compliant system designed to operate across legacy and modern environments, including operational technology and constrained networks. It has attracted many channel partners because it offers 60% less TCO than similar systems with attractive pricing models for the channel.  

As governments and regulators transition from planning to execution of post-quantum cryptography, many organizations lack the internal expertise and operational capacity to deploy new cryptographic infrastructure within tight timelines. Channel partners play a critical role in bridging that gap, providing implementation, integration, and managed services aligned with customer environments.

“Post-quantum security is a primary concern of myriad governments that understand the imminent threats,” said Eric Adolphe, CEO of Forward Edge-AI. “NIST has estimated that more than 20 billion quantum resistant devices need to be deployed by 2027. Organizations are being asked to act now, but most do not have the luxury of multi-year transformation programs. Our partners are essential to delivering solutions that work immediately at scale.”

Built for High-Assurance and Regulated Environments

Unlike software-only post-quantum approaches, Isidore Quantum is delivered as a deployable hardware platform designed for high-assurance use cases, including defense, critical infrastructure, and regulated enterprise environments. The system provides quantum-resistant protection for data in motion while maintaining operational transparency for existing applications and networks.

The Isidore platform has been validated through a combination of government-led testing, operational pilots, independent third-party evaluation, and formal certification milestones. This validation has been tested across defense, telecommunications, and enterprise pilots and is designed to meet stringent performance and reliability requirements, including low latency and silent operation. Its exportable design also enables deployment across international and coalition environments where traditional cryptographic solutions face regulatory or operational barriers.

For channel partners, Forward Edge-AI supports multiple go-to-market models, including resale, managed services, and integration into existing security offerings. The program includes technical onboarding, partner enablement, and direct engineering support to ensure operational readiness.

Positioning the Channel for the Quantum Transition

Forward Edge-AI expects continued growth in partner demand as post-quantum requirements increasingly influence cybersecurity procurement decisions across both public and private sectors. The company plans to onboard additional regional partners and enable them throughout 2026.

Leave a comment »

CloudSEK Report Reveals MuddyWater’s Shift to Advanced Rust-Based Cyber Espionage 

Posted in Commentary with tags on January 9, 2026 by itnerd

 A new threat intelligence report from CloudSEK has been published. Their research team has uncovered how the MuddyWater APT group—a known state-linked threat actor—has significantly evolved its attack tooling by deploying a new Rust-based implant, which we’ve named “RustyWater.”

The report details an ongoing spear-phishing campaign targeting government, diplomatic, telecom, financial, and maritime organisations across the Middle East. What makes this campaign noteworthy is the group’s move away from its traditional PowerShell and VBS-based tools to a more stealthy, modular, and resilient Rust implant that enables long-term persistence and low-noise espionage—making detection and response far more challenging for defenders.

They break down both the technical mechanics and the broader security implications in a way that highlights why this evolution matters, especially for organisations relying on conventional security controls.

You can read the full report here:
https://www.cloudsek.com/blog/reborn-in-rust-muddywater-evolves-tooling-with-rustywater-implant

Leave a comment »

The Vibe Coding Security Gap & The New SHIELD Framework From Unit 42

Posted in Commentary with tags on January 8, 2026 by itnerd

Today, Unit 42 released new analysis on vibe coding’s hidden security risks and threats. AI-assisted “vibe coding” has officially gone mainstream with 99% of organizations now using AI agents in software development (State of Cloud Security Report 2025). But while AI-assisted coding dramatically boosts speed and productivity, it is also generating insecure code faster than security teams can review or remediate it – introducing vulnerabilities, technical debt, and real-world breach risks at an unprecedented scale.

This is a serious problem and too many organizations are ignoring long-standing industry principles such as “least privilege,” sacrificing secure development standards for speed and functionality. To compound this, the rise of Citizen Developers who lack code review literacy is accelerating the deployment of insecure code and supply chain weaknesses are being introduced at worrying rates. 

To address this, Unit 42 is introducing the SHIELD framework to reintroduce secure design into AI-assisted coding.

Read the full analysis for more details.

Leave a comment »

2025 Saw New Highs for Credential Theft, Dark Web Centered on Commercial Exchange, Ransomware and Akira and More

Posted in Commentary with tags on January 8, 2026 by itnerd

According to a just-released report by threat intelligence company SOCRadar, 2025 saw:

  • New highs for credential theft with a total of 388 million credentials were stolen from the ten most affected platforms. Facebook accounted for 93 million records, followed by Google with 67 million and Roblox with 66 million.
    • Gaming platforms were hit especially hard. Roblox, Twitch, and Epic Games together accounted for around 100 million accounts.
  • Dark Web activity centered on commercial exchange with sales accounting for 59% of observed activity, while 33% involved sharing stolen data and Hack announcements are around 5%.
    • The US appeared in nearly 20% of all forum discussions, making it the most referenced country. Public Administration led sector discussions at 13%, followed by Information and Finance at around 10% each.
  • Ransomware Activity Spread Across Groups – Akira led with 8.4% of incidents, followed by Qilin at 7.3% and Cl0p at 5.8%. No group controlled a large share of the landscape.
    • The US saw 41% of all ransomware attacks, while the United Kingdom followed with 18%. Australia, Japan, and Canada completed the top five. English-speaking countries together accounted for more than 60% of reported cases.

What Do These Numbers Mean?

These developments form a connected chain. Credentials are stolen through malware. That access is sold on Dark Web forums. Ransomware groups purchase it and use it to launch attacks. This process creates various risks for organizations on multiple fronts. Employees are targeted first through personal or work accounts. Compromised credentials then become gateways to larger incidents.

The 388 million stolen credentials represent more than isolated breaches. They serve as entry points that enable broader and more damaging attacks.

The full report covers:

The 2025 End of Year Report expands on these findings, including:

  • Stealer log distribution
  • Dark Web activity
  • Ransomware threats
  • Global phishing activity
  • And a summary of the threat landscape in 2025

To view the full report, see this link End of The Year 2025 Cyber Analysis

Leave a comment »

NordPass launches Authenticator for personal accounts

Posted in Commentary with tags on January 8, 2026 by itnerd

NordPass simplifies secure logins by including Authenticator on multiple devices in the application for personal use. The time-based one-time password (TOTP) support enables users to add an extra layer of security to their accounts with two-factor authentication, without the need to download or install additional applications. Authentication codes are synchronized within the account, letting users access them on both the mobile app or browser extension.

NordPass Authenticator stands out in the market with an added biometric layer that protects verification codes. Unlike most authentication apps, which display codes as soon as a user logs in, NordPass Authenticator requires biometric verification before revealing the security code. This true second-factor approach enhances security without compromising the user experience. Business users have already been able to access NordPass Authenticator to secure their corporate accounts. Now NordPass Authenticator is available for Premium and Family plan users.

Moreover, users will benefit from autofilling TOTP codes on any devices. This solution will bring more convenience while logging in to banking, social media, and other high-security services, browsing in incognito mode or switching between devices. 

Additionally, sharing access to accounts protected by two-factor authentication is inconvenient and often insecure – people tend to send codes through chats or SMS, which puts their accounts at risk. Moreover, relying on SMS prompts increases vulnerability to manipulation by smishing. This lack of a simple, secure way to manage and share logins protected by second factor authentication makes everyday digital tasks complicated.

With the TOTP support, NordPass functions as an authentication tool, generating two-factor codes for any credential the user has configured. For each account with two-factor authentication enabled, the user must first add its TOTP setup key to the corresponding item in the vault. Once the secret key is added, NordPass will generate the time-based codes that could be used when the service prompts for them during login.

Leave a comment »

« Older Entries
Newer Entries »