papa nurd papa nurd

Yesterday in the Nurdverse — AI, Cyber & IT (Dec 15, 2025)

1) AI Infrastructure: NVIDIA buys the team behind Slurm (SchedMD)

NVIDIA announced it’s acquiring SchedMD, the primary developer behind Slurm, a widely used open-source workload manager that helps schedule large compute jobs across HPC and AI clusters.
Translation: the AI arms race isn’t just about new models—it’s also about owning the “plumbing” that keeps GPU fleets fed, scheduled, and efficient at scale.

2) Enterprise IT + Cyber: ServiceNow in advanced talks to buy Armis (reportedly up to ~$7B)

Multiple reports say ServiceNow is in advanced talks to acquire Armis, a cybersecurity firm known for visibility and protection across connected devices (including OT/IoT environments), in a deal rumored up to $7B.
If it lands, it’s a loud signal that “IT service management + asset intelligence + security exposure” is converging into one big platform fight—especially for environments where you can’t just reboot a factory.

3) Patch Now: Apple publishes security content for iOS/iPadOS 26.2

Apple released details for the security content in iOS 26.2 and iPadOS 26.2—worth reading if you manage Apple fleets or just want to know what got fixed and why it mattered.
The practical move is simple: update first, read the postmortem second—mobile browser-engine issues don’t stay “targeted” forever once the fix is public.

4) CISA KEV: Sierra Wireless AirLink router flaw added (active exploitation)

CISA added CVE-2018-4063 (Sierra Wireless AirLink ALEOS) to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation.
If your org still has older industrial/field gateways lurking in closets, this is your reminder to inventory, patch (if possible), and isolate—because “old gear” is often the easiest gear to pop.

Job Boards and Hiring Pages (quick links)

Major job boards
USAJOBS: https://www.usajobs.gov/
Indeed: https://www.indeed.com/
LinkedIn Jobs: https://www.linkedin.com/jobs/
Glassdoor: https://www.glassdoor.com/Job/
ZipRecruiter: https://www.ziprecruiter.com/
Dice (tech): https://www.dice.com/
Built In (tech): https://builtin.com/jobs
Monster: https://www.monster.com/jobs/

Big tech & major IT employers (career pages)
Microsoft Careers: https://careers.microsoft.com/
Google Careers: https://careers.google.com/
Amazon Jobs: https://www.amazon.jobs/
Apple Jobs: https://jobs.apple.com/
Meta Careers: https://www.metacareers.com/
Netflix Jobs: https://jobs.netflix.com/
IBM Careers: https://www.ibm.com/careers
Cisco Careers: https://jobs.cisco.com/
Oracle Careers: https://careers.oracle.com/
Salesforce Careers: https://careers.salesforce.com/
CrowdStrike Careers: https://www.crowdstrike.com/careers/
Palo Alto Networks Careers: https://jobs.paloaltonetworks.com/

Source links (original content)

NVIDIA acquisition (Reuters): https://www.reuters.com/business/nvidia-buys-ai-software-provider-schedmd-expand-open-source-ai-push-2025-12-15/
Background on Slurm/SchedMD impact (Network World): https://www.networkworld.com/article/4106930/nvidia-moves-deeper-into-ai-infrastructure-with-schedmd-acquisition.html
ServiceNow ↔ Armis reports (Investopedia): https://www.investopedia.com/servicenow-stock-plunges-to-lead-s-and-p-500-decliners-on-monday-here-is-why-11868924
ServiceNow ↔ Armis channel coverage (CRN): https://www.crn.com/news/security/2025/servicenow-seeking-7b-acquisition-of-exposure-management-vendor-armis-report
Apple iOS/iPadOS 26.2 security content (Apple Support): https://support.apple.com/en-us/125884
CISA KEV alert for CVE-2018-4063: https://www.cisa.gov/news-events/alerts/2025/12/12/cisa-adds-one-known-exploited-vulnerability-catalog
Additional context (The Hacker News): https://thehackernews.com/2025/12/cisa-adds-actively-exploited-sierra.html

Read More
papa nurd papa nurd

Yesterday in the Nurdverse — AI, Cyber & IT (Dec 14, 2025)

1) AGI Watch: “AGI-capable” claim from Integral AI

Integral AI published a bold announcement: it says it has successfully tested what it calls the world’s first “AGI-capable model,” and it’s backing the claim with an interactive sandbox and a written definition of what “AGI” should mean (autonomous skill learning, safe/reliable mastery, and efficiency).
Take the posture of curiosity + skepticism: the next meaningful step is independent verification—clear evals, reproducible demos, and third-party scrutiny—because “AGI” is still a moving target and marketing language gets spicy fast.

2) Model Race: OpenAI’s GPT-5.2 release

OpenAI published details for GPT-5.2, focusing on improved “thinking,” agentic task performance, and token efficiency/cost tradeoffs.
If you’re in IT, this matters less as “wow new model” and more as “new workflows”: better copilots for troubleshooting, scripting, documentation, and triage—plus a faster cycle of new tools built on top of it.

3) Cyber Reality Check: OpenAI warns about “high” cybersecurity risk in upcoming models

Reuters reports OpenAI is warning that more advanced upcoming models may pose “high” cybersecurity risk, including the potential to enable more complex intrusion workflows if misused, while also investing in defensive tooling like code auditing and vulnerability patching support.
The practical takeaway: defenders should expect both sides to accelerate—meaning tighter patch discipline, better logging, and more automation in response playbooks becomes non-negotiable.

4) Patch Reality: Microsoft’s December 2025 Patch Tuesday

Microsoft’s December 2025 Patch Tuesday addressed 57 vulnerabilities, including three zero-days (with at least one reported as actively exploited) and multiple critical RCE issues.
If you’re building real-world credibility, this is the habit: track what’s exploited, patch the highest-risk exposure first, and verify (don’t just “assume successful updates”).

5) Breach Watch: Marquis breach hits dozens of banks/credit unions

A breach at financial software provider Marquis Software Solutions has been reported as impacting 74+ U.S. banks and credit unions, drawing attention to vendor risk and the blast radius of third-party platforms.
This is the recurring lesson: your security posture is only as strong as the vendors holding your data—and your contract language, monitoring, and incident response readiness.

6) Internet Plumbing: Cloudflare’s outage postmortem (why “one provider” can shake the web)

Cloudflare published a postmortem on its Dec 5, 2025 outage (roughly ~25 minutes), a reminder that modern apps sit on concentrated layers of infrastructure—and even short disruptions can ripple across a huge slice of the internet.

Job Boards and Hiring Pages (quick links)

Major job boards
USAJOBS: https://www.usajobs.gov/
Indeed: https://www.indeed.com/
LinkedIn Jobs: https://www.linkedin.com/jobs/
Glassdoor: https://www.glassdoor.com/Job/
ZipRecruiter: https://www.ziprecruiter.com/
Dice (tech): https://www.dice.com/
Built In (tech): https://builtin.com/jobs
Monster: https://www.monster.com/jobs/

Big tech & major IT employers (career pages)
Microsoft Careers: https://careers.microsoft.com/
Google Careers: https://careers.google.com/
Amazon Jobs: https://www.amazon.jobs/
Apple Jobs: https://jobs.apple.com/
Meta Careers: https://www.metacareers.com/
Netflix Jobs: https://jobs.netflix.com/
IBM Careers: https://www.ibm.com/careers
Cisco Careers: https://jobs.cisco.com/
Oracle Careers: https://careers.oracle.com/
Salesforce Careers: https://careers.salesforce.com/
CrowdStrike Careers: https://www.crowdstrike.com/careers/
Palo Alto Networks Careers: https://jobs.paloaltonetworks.com/

Source links (original content)

Integral AI AGI page: https://www.integral.ai/agi
Integral AI press release (Business Wire via Morningstar): https://www.morningstar.com/news/business-wire/20251207766692/integral-ai-unveils-worlds-first-agi-capable-model
Independent coverage (Interesting Engineering): https://interestingengineering.com/ai-robotics/worlds-first-agi-model
OpenAI — Introducing GPT-5.2: https://openai.com/index/introducing-gpt-5-2/
OpenAI cyber risk warning (Reuters): https://www.reuters.com/business/openai-warns-new-models-pose-high-cybersecurity-risk-2025-12-10/
Microsoft Patch Tuesday (BleepingComputer): https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2025-patch-tuesday-fixes-3-zero-days-57-flaws/
Microsoft Patch Tuesday (SecurityWeek): https://www.securityweek.com/microsoft-patches-57-vulnerabilities-three-zero-days/
Marquis breach coverage (BleepingComputer): https://www.bleepingcomputer.com/news/security/marquis-data-breach-impacts-over-74-us-banks-credit-unions/
Cloudflare outage postmortem: https://blog.cloudflare.com/5-december-2025-outage/
Cloudflare outage context (The Guardian): https://www.theguardian.com/technology/2025/dec/05/another-cloudflare-outage-takes-down-websites-linkedin-zoom

Read More
papa nurd papa nurd

Nurd Snacks

volume 1.

The “AGI claim” making rounds + a major Disney/OpenAI licensing move + why cyber defenders should care this week.

Nurd Snacks — Yesterday in the Nurdverse (AI + Cyber + IT)

A company is circulating a bold claim about reaching “AGI-capable” performance, Disney just opened its character vault to generative video, and OpenAI is publicly warning that the next wave of models may meaningfully raise the cybersecurity risk ceiling.

A company claims “AGI-capable” performance — here’s what that actually means

Tokyo-based Integral AI published an announcement saying it has “successfully tested” what it calls the world’s first “AGI-capable model,” describing a system that can autonomously learn new skills “safely, efficiently, and reliably,” and pointing to an interactive sandbox meant to demonstrate its approach.

It’s important to read this as a company-defined capability claim, not a universally accepted “AGI has arrived” milestone. Integral AI itself emphasizes the need for a rigorous definition of AGI and frames its work as a step toward generality rather than a single benchmark victory.

What to watch next if you’re evaluating the claim:

  • Independent replication: third-party testing, transparent evals, and reproducible demonstrations.

  • Scope clarity: what “learns new skills” means in practice (what tasks, what environments, what constraints).

  • Safety story: what guardrails exist when autonomy and generalization increase.

Independent coverage has generally echoed the same theme: the claim is ambitious and interesting, but it’s also the kind of statement that requires outside validation before the rest of the world treats it as “AGI achieved.”

Disney invests $1B in OpenAI and licenses characters for Sora-generated video

In one of the biggest entertainment–AI deals yet, Disney announced a $1 billion investment in OpenAI alongside a three-year licensing agreement that allows the use of 200+ Disney-owned characters (Disney, Marvel, Pixar, Star Wars) in OpenAI’s Sora video generator. Reuters reports the deal excludes use of talent likenesses or voices, and is aimed at enabling short-form, character-based video creation with guardrails.

Ars Technica and other outlets reporting on the announcement describe the partnership as a major “mainstreaming” moment for generative video—where a top-tier IP holder is not just tolerating the tech, but formally licensing it and investing in it.

OpenAI warns upcoming models likely pose “high” cybersecurity risk

OpenAI has been increasingly public about how frontier model capability gains could amplify cybersecurity risk if misused. Reuters reports OpenAI is warning that upcoming advanced models are likely to pose “high” cybersecurity risk, with concerns that stronger systems could make it easier to find vulnerabilities or scale sophisticated intrusion workflows.

Axios similarly reports OpenAI’s warning focuses on rapidly improving capabilities—especially models that can operate more autonomously over longer periods—which could lower the barrier for certain offensive activities unless access controls and monitoring keep pace.

Separately, OpenAI has also published broader security framing about building defense and hardening infrastructure as capabilities rise toward AGI-level systems.

Source links (original content)

Integral AI — AGI page:
https://www.integral.ai/agi

Integral AI press-release distribution (Business Wire via Yahoo Finance):
https://finance.yahoo.com/news/integral-ai-unveils-world-first-113000253.html

Integral AI press-release distribution (Business Wire via Morningstar):
https://www.morningstar.com/news/business-wire/20251207766692/integral-ai-unveils-worlds-first-agi-capable-model

Independent coverage (Interesting Engineering):
https://interestingengineering.com/ai-robotics/worlds-first-agi-model

Disney + OpenAI Sora deal (Reuters):
https://www.reuters.com/business/media-telecom/disney-makes-1-billion-investment-openai-brings-characters-sora-2025-12-11/

Disney + OpenAI deal (Ars Technica):
https://arstechnica.com/ai/2025/12/disney-invests-1-billion-in-openai-licenses-200-characters-for-ai-video-app-sora/

OpenAI “high cybersecurity risk” warning (Reuters):
https://www.reuters.com/business/openai-warns-new-models-pose-high-cybersecurity-risk-2025-12-10/

OpenAI “high cybersecurity risk” warning (Axios):
https://www.axios.com/2025/12/10/openai-new-models-cybersecurity-risks

OpenAI: “Security on the Path to AGI”:
https://openai.com/index/security-on-the-path-to-agi/




Read More