RC4 in Active Directory: The silent risk that’s harder to find than you think

RC4 blog featured image

RC4 is a legacy encryption algorithm that Kerberos has relied on for decades to secure authentication traffic in Active Directory (AD) environments. That’s about to change—whether your environment is ready or not.  As part of the security hardening tied to CVE-2026-20833, Microsoft is phasing out RC4 encryption in Kerberos authentication. The April 2026 Windows update marks the first phase where Kerberos Key […]

Runtime. Runtime. Runtime. What CISOs and IAM leaders are calibrating after Mythos

Runtime Mythos Roy blog featured image

Antrophic’s Mythos panicked the market, and after seeing what it does up close—running it against real enterprise environments alongside customers with access, and spending weeks in conversation with CISOs and IAM leaders who are actively rewriting strategy—I understand why. The core finding is not about novel techniques. It is about time. Mythos compresses the full attack […]