X-PHY Inc

05/27/2026

As our friends, partners and communities around the world mark Eid al-Adha, we send our warmest wishes for a blessed and peaceful celebration.

05/06/2026

AI agents are becoming the most overprivileged “employees” in the company.

97% of enterprise leaders expect a major AI agent security incident within 12 months — yet only 6% of security budgets are allocated to this risk.

We’re onboarding agents faster than any human, then issuing them way more access than any human would ever get on day one: service accounts, API tokens, and application identities that connect to tools, data, endpoints, and cloud resources. They execute with elevated permissions.

And like any overprivileged insider, the risk isn’t really intent. It’s blast radius.

When an agent is compromised, it doesn’t need to “look suspicious.” It executes legitimate actions with legitimate credentials at machine speed - far faster than any human-driven incident response.

That’s why 87% of enterprise leaders agree that agents operating with valid credentials pose a greater insider threat risk than human employees: the activity looks like normal system behaviour, and traditional anomaly detection struggles to distinguish “compromised” from “functioning.”

So it’s time to take back control:
- Draw boundaries (what it can access, when, and why)
- Reduce privileges (least privilege, short-lived tokens, scoped roles)
- Add a hardware-rooted security layer (visibility and guardrails below the OS - outside the agent’s software attack surface)
- Monitor ex*****on, not just prompts

That’s why X-PHY starts at the hardware layer. Firmware-level visibility catches anomalies below the software stack - where agents connect to data, models, and infrastructure, and where “agent activity” becomes real operations.

04/22/2026

⚠️ Anthropic built an AI that found a zero-day vulnerability in OpenBSD - a flaw that had survived 27 years of expert human review and millions of automated scans.

And so, they chose not to release it.

Claude Mythos Preview operates autonomously. It reads source code, forms hypotheses, runs tests, and produces full exploit reports with no human involvement at any stage. In testing, it discovered thousands of previously unknown vulnerabilities across every major OS and browser.

And in an early test, it escaped its own sandbox and accessed the internet independently.

Our CEO Camellia Chan wrote about what this means for enterprise security architecture in this piece for Tech Coffee House.

The short version:
The patch-and-recover model (the window between discovery and exploitation) depends on time. CrowdStrike's 2026 Global Threat Report already recorded an 89% year-on-year increase in AI-assisted attacks, and that was before Mythos existed. When AI can produce working zero-day exploits at speed, that window doesn't just shrink - it closes.

This is not about being more vigilant or patching faster. The rules of the game have long changed, and doubling down on old methods alone will prove futile.

This is why hardware-rooted security matters. A defence embedded below the OS and firmware layer sits outside the attack surface that tools like Mythos are designed to probe. It's the last line that doesn't depend on the software environment remaining intact to function.

Read the full piece here → https://techcoffeehouse.com/2026/04/20/anthropic-withheld-claude-mythos-preview-here-is-what-the-security-industry-needs-to-learn/

04/14/2026

Anthropic's Claude Mythos Preview - Boon or Bane?

The code-security LLM is reportedly capable of finding deep vulnerabilities and accelerating exploit development. So capable that it escaped its sandbox environment, accessed the internet, and emailed the developer about its prison break.

It is no wonder Anthropic is keeping the model in limited availability rather than releasing it broadly.

As our CEO Camellia Chan notes in this article on Fast Company, once AI can produce working zero-day exploits at speed, organisations could “lose the breathing space they have traditionally relied on to detect, patch, and recover.” She also warns: “Any security architecture that assumes a bounded, predictable attacker needs to reckon with that.”

Where do you stand on this - defensive breakthrough, offensive accelerant, or both?

Read 👉 https://www.fastcompany.com/91525413/is-mythos-a-blessing-or-a-curse-for-cybersecurity-it-depends-who-you-ask

04/09/2026

A candidate joins a video interview. They look real. They sound real. They answer every question.

But they are not real.

This clip - originally shared by Vidoc Security Lab - shows a deepfake job interview candidate in the wild.

The moment the video appeared on screen, X-PHY Deepfake Detector prompted us to run detection. One click, and it caught it on the first pass.

HR teams spend enormous energy verifying credentials, checking references, running background checks - but when it comes to the person on the other end of the camera, all they have is their eyes and gut instinct.

That gap is being exploited right now. Reach out to learn more about our award-winning Deepfake Detector now.

🎥 Original clip credit: youtube.com/shorts/o8ZIRk1zuNc

04/01/2026

RSA sparked a lot of important conversations around AI agent security.

At X-PHY, we looked specifically at the gap between defending prompts and securing what happens after - when agents start executing. And of course, with hardware in the mix.

Booth-side, our partner-led demo with Gopher Security resulted in a lot of eye-opening conversations, quickly transforming generic agent security chatter into an infrastructure-level problem once real integrations are in play.

Hear what our CEO, Camellia Chan, had to say about the role of intelligent hardware security in protecting data in her interview with CyberRiskTV: https://www.youtube.com/watch?v=u7ZEfKK9eOA

💬 If you are adopting MCP and AI agents in production, now is the time to add hardware-enforced guardrails. Reach out to learn more.

Camellia Chan, CEO and Co-Founder of X-PHY, discusses how Model Context Protocol (MCP) is making it easier for AI agents to plug into enterprise apps and ope...

03/31/2026

📣 News: X-PHY Solid State Drive (SSD) has been selected as a finalist at the 2026 UK Cyber OSPAs under the Outstanding Overseas Cyber Security Initiative category.

The UK Cyber OSPAs are supported by numerous industry bodies and special interest groups globally, which nominate judges to represent them - bringing broad, cross-sector perspectives to the judging process, including both private and public sector stakeholders. Organisations involved in the judging process include the UK Cyber Security Council, TechUK, CREST, The Security Institute, ISACA (Midland Chapter), and more.

As threats continue to evolve, security must stop being an afterthought. We believe resilience has to be built from the ground up, and we are honoured to see that work recognised on an international stage.

See the full finalists list here: https://www.thecyberospas.com/2026/03/30/spotlight-on-success-2026-uk-cyber-ospas-finalists-unveiled/

03/27/2026

It's a wrap and what a week it has been! From hosting high-level delegations and industry titans, to being featured in interviews, the energy has been relentless.

A massive thank you to everyone who visited Booth 5256 and to our incredible global community for following along online. Your support and feedback drives the work we do in AI MCP security and in deepfake detection.

And of course, a special shoutout to the ground crew - the real MVPs who powered through 4 days of non-stop demos and deep-dives! 🦾🔋

Missed us at the booth? You can still grab our RSAC Exclusive: 📢 60% OFF the Deepfake Detector (Ends March 29!)
👉 https://tinyurl.com/DeepfakeDetectorDiscount

03/26/2026

A huge thank you to CGTN and Mark Niu for featuring X-PHY in their latest coverage of RSAC 2026!

As AI-driven threats like deepfakes become increasingly sophisticated, the global conversation is shifting toward how we can build a more resilient digital future.

We know we've been using the word "honoured" a lot to describe all our experiences here so far, but truly, we are grateful to be given these opportunities to showcase our X-PHY Deepfake Detector and discuss why hardware-enforced, privacy-first security is the essential missing link in modern defense.

Catch the full story and see how cybersecurity experts are examining new threats at this year's conference: 🔗 https://newsus.cgtn.com/news/2026-03-26/Cybersecurity-experts-examine-new-threats-at-RSAC-Conference--1LOxobbpI5i/p.html

📍 Still at RSAC? Come see the tech everyone is talking about at Booth 5256!

RSAC SPECIAL: Grab our award-winning tech for 60% OFF (Ends March 29!): 👉 https://tinyurl.com/DeepfakeDetectorDiscount

More than 40,000 people are attending one of the biggest gatherings of cybersecurity experts in San Francisco; the RSAC Conference.Analysts say there are new threats emerging in the industry, particularly from autonomous agents.CGTN’s Mark

03/26/2026

They say Day 3 is for the deep-thinkers, and the energy at Booth 5256 proves it!

The highlight of our day? A visit from Tom Dodson, Supply Chain Security Architect at Intel. For those of us living and breathing hardware-enforced security, Tom is a true titan in the field and having someone who has spent decades shaping the standards for trusted supply chains and silicon integrity stop by to see our AI MCP Security and Deepfake Detector in action was a total blast for the team!

The Booth 5256 momentum continues to build today with the floor packed with leaders looking for real solutions to the "AI Trust" problem. We’ve spent the day showing how X-PHY:

- Hardcodes governance by moving security from vulnerable software layers directly into the SSD.

- Ensures privacy-first AI, with our award-winning Deepfake Detector being the talk of the North Expo because it runs entirely on the endpoint, catching face swaps with 90%+ accuracy without ever touching the cloud.

- Helps teams build a 2026 strategy where compromised AI agents are stopped at the silicon level before they can touch your data.

RSAC SPECIAL: You don't need to be an Intel architect to secure your team like one. Get 60% OFF the Deepfake Detector (Ends March 29!): 👉 https://lnkd.in/g7Yj4BXh (Discount applied automatically at checkout)

📍 Come say hi, grab a cap (and maybe a selfie!) at Moscone North Expo | Booth 5256