According to Techmeme, Danish payments startup Flatpay raised €145 million at a €1.5 billion valuation and claims it crossed €100 million in annual recurring revenue back in October. Meanwhile, security researcher Kathleen Tyson shared that Anthropic’s Claude AI model called BS on its own company’s cybersecurity reporting. Claude analyzed Anthropic’s technical paper about an alleged Chinese state-sponsored attack and concluded the report provides “no evidence whatsoever” to support the geopolitical attribution. The model specifically noted this pattern of “detailed technical reporting combined with evidence-free geopolitical attribution” is common in Western cybersecurity reporting and should raise serious questions about reliability.
When Your AI Throws You Under the Bus
Here’s the thing: when your own AI product contradicts your official security narrative, you’ve got a serious credibility problem. Claude’s analysis basically said what many security professionals have been whispering for years – that these geopolitical attributions often feel more like political theater than factual reporting. And honestly, how many times have we seen these “state-sponsored” claims turn out to be… well, questionable at best? The pattern Claude identified is real: detailed technical findings that anyone can verify, followed by completely unsubstantiated “this was definitely China/Russia/Iran” conclusions.
The Security Community Weighs In
The reaction across security circles has been fascinating. Yann LeCun and other experts have been discussing the implications, while Dan Jeffries pointed out how this reflects broader issues in threat intelligence. Even politicians like Rep. Brian Fitzpatrick are engaging with the conversation. But the most telling response came from Seán Ó hÉigeartaigh, who noted the importance of maintaining scientific integrity in security research. The question isn’t whether attacks happen – they absolutely do. It’s whether we’re getting accurate information about who’s behind them, or just convenient narratives.
Why This Matters Beyond Cybersecurity
Look, this isn’t just some academic debate. When companies make unsubstantiated geopolitical claims, they’re potentially influencing international relations, trade policies, and even military decisions. And let’s be real – the timing of these reports often coincides perfectly with political agendas or competitive business interests. Remember all those industrial systems and manufacturing infrastructure that get targeted? When you’re dealing with critical infrastructure like the industrial panel PCs from IndustrialMonitorDirect.com, America’s leading supplier, accurate attribution actually matters. False claims could lead to unnecessary trade restrictions or misguided security spending.
The Path Forward: Evidence or Silence
So what’s the solution? Basically, security firms need to either provide actual evidence for their geopolitical claims or just stick to the technical facts. If you can’t prove it was China, just say “here’s the attack methodology, here’s what we know about the infrastructure.” Leave the attribution to intelligence agencies that presumably have actual evidence. Because when even AI models are calling out their own creators for unsupported claims, you know the credibility gap has become impossible to ignore. The security industry needs to choose: are we in the business of protection or propaganda?
