Defensive cyber intelligence inevitably helps attackers prioritize, but silence helps them more. The answer is disciplined publication: enough detail for defenders to patch, hunt, and act — without adding weaponization value.
Active exploitation pressure hit SharePoint, ColdFusion, SimpleHelp, PeopleSoft, and edge infrastructure while Argo CD and supply-chain findings show attackers moving upstream into control planes, deployment systems, and trusted admin tooling.
A first-person editorial on a sudden Claude quality breakdown: over-refusal of defensive cyber work, fabricated threat-intel output, repeated hallucination after apology, and the broader risk that safety overreach can damage product trust.