Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round
GAO Warns DOD’s CMMC Fix Could Become the Program’s Biggest Threat
The Government Accountability Office issued a report warning that the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program is vulnerable to external risks, notably an over‑reliance on waivers and a shortage of qualified assessors. GAO also highlighted DOD’s lack of a clear roadmap for moving from NIST SP 800‑171 Revision 2 to Revision 3 and the redundancy with other security regimes. The report urges DOD to broaden its risk‑management toolkit and harmonize overlapping standards. Without these changes, the credibility of CMMC could be compromised.
ConnectWise CISO: MSP Cybersecurity Readiness Isn’t About ‘Chasing The Latest Zero-Day Anymore’
ConnectWise’s 2026 MSP Threat Report shows attackers are abandoning zero‑day exploits in favor of identity abuse, using stolen credentials, session tokens and trusted service accounts to infiltrate managed service providers. Ransomware groups now prioritize speed, targeting backups and bypassing MFA...
How the FBI Extracted Deleted Signal Messages From a Defendant's iPhone
The FBI recovered deleted Signal messages from a defendant’s iPhone by extracting data from the device’s push‑notification database, not the app itself. The suspect had removed Signal, yet incoming messages persisted in lock‑screen previews stored by iOS. This method revealed...
Kamino Introduces Contract-Level Security Controls for Lending Vaults
Kamino, Solana's largest lending protocol, launched Whitelisted Reserves, a contract‑level security feature that restricts vault allocations to protocol‑approved reserves. The mechanism blocks compromised curator keys from moving depositor funds into unvetted markets, a risk highlighted by the recent $270 million Drift...
Is Anthropic Limiting the Release of Mythos to Protect the Internet — or Anthropic?
Anthropic is holding back its newest large language model, Mythos, limiting access to a handful of major enterprises such as Amazon Web Services and JPMorgan Chase. The company says the model’s advanced ability to locate software vulnerabilities could be weaponized...
Google Chrome Adds Infostealer Protection Against Session Cookie Theft
Google Chrome 146 introduces Device Bound Session Credentials (DBSC) for Windows, a hardware‑linked protection that stops infostealer malware from abusing harvested session cookies. The feature cryptographically binds each session to the device’s TPM, making stolen cookies unusable without the private...
Mythos Autonomously Exploited Vulnerabilities that Survived 27 Years of Human Review. Security Teams Need a New Detection Playbook
Anthropic’s Claude Mythos Preview autonomously uncovered a 27‑year‑old OpenBSD TCP stack bug and dozens of other zero‑day flaws across operating systems, browsers, and crypto libraries, costing roughly $20,000 per discovery campaign. The model demonstrated a 90‑fold improvement over Claude Opus...
Do Ceasefires Slow Cyberattacks? History Suggests Not
A fragile US‑Iran cease‑fire was announced, prompting Iran‑aligned hacktivist group Handala to claim a temporary pause in its cyber operations against the United States. Experts, however, warn that historical evidence shows cease‑fires rarely translate into a digital stand‑down; cyber activity...
Alamo Heights ISD Declines to Say Whether It Paid Ransom
Alamo Heights Independent School District (AHISD) suffered a ransomware attack in late March that knocked out internet access for nearly a week. The district restored its systems with external forensic investigators but refused to confirm whether it paid a ransom,...
$3.6 Million Crypto Heist Targets Bitcoin Depot
Bitcoin Depot, which runs more than 25,000 crypto ATMs worldwide, disclosed a breach that allowed attackers to transfer roughly 50.9 Bitcoin—about $3.66 million—out of company‑controlled wallets. The intrusion was detected on March 23, prompting an incident response that involved external cybersecurity firms...
EU Publishes Implementing Act for Remote EUDI Wallet Onboarding
On Tuesday, the European Commission released an Implementing Act that sets reference standards for remote onboarding of European Digital Identity (EUDI) wallets. The act mandates a high assurance level, combining electronic identification with additional procedures, and aligns with ETSI TS 119 461...
Tesla Hits FSD Hackers with Surprise Move
Tesla has begun remotely disabling Full Self‑Driving (FSD) on vehicles fitted with third‑party CAN‑bus hacks that unlock the feature in markets where it is not approved. The crackdown, announced in early April, targets owners in Europe, China, Japan, South Korea...
AI Security Starts with Awareness and Governance, CISO Says
Healthcare AI promises efficiency and clinical gains, but introduces fresh security risks. Akron Children's Hospital’s CISO Deepesh Randeri outlines a structured governance model that forces every AI initiative through committees, due‑diligence vetting, and continuous oversight. The hospital mandates centralized IT...
Claude Mythos Is Everyone’s Problem
Anthropic announced Claude Mythos Preview, an AI model that can autonomously locate thousands of software vulnerabilities, including long‑standing OS flaws. The tool is being shared only with a consortium of major tech firms such as Apple, Microsoft, Google and Nvidia...
EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?
In this live Cloud Security Podcast episode, host Tim Peacock and co‑host Anton Chewbacca interview Eric Foster and Bashar Abu Abusido, CEOs of 10X, about AI‑native Managed Detection and Response (MDR) and its impact on SOC modernization. They discuss why...
Smart Slider Updates Hijacked to Push Malicious WordPress, Joomla Versions
Security researchers discovered that the update mechanism for the Smart Slider 3 Pro plugin was hijacked, delivering a malicious version (3.5.1.35) for WordPress and Joomla on April 7. The compromised code embeds multiple backdoors, creates hidden administrator accounts, and injects persistent...
Dozens of U.S. Cities Pull Flock Safety License‑Plate Cameras After Privacy Outcry
More than 30 U.S. cities have terminated contracts with Flock Safety, removing its AI‑powered license‑plate readers after public pressure over privacy and data‑sharing with ICE. The wave of cancellations, which began in early 2026, underscores growing scrutiny of municipal surveillance...
Why Backup Automation Is Critical for Agency Hosting
Digital agencies face site failures that can cost revenue, SEO rankings, and reputation. Manual backups are error‑prone; automated backups provide reliable, frequent snapshots with retention. A modern system should deliver daily backups, 30‑day history, one‑click restores, and client‑visible reporting. Implementing...
New Apple Scam Hits Millions of iPhone Users Worldwide, Draining Bank Accounts
Apple has issued a global warning about a new wave of social‑engineering scams that target iPhone users through fake Apple Pay alerts and urgent phone calls. The fraudsters create panic, press victims to call a supplied number, and in extreme cases...
Inside the FBI’s Router Takedown that Cut Off APT28’s ‘Tremendous Access’
The FBI’s Operation Masquerade forced a reset of DNS settings on more than 18,000 compromised TP‑Link routers, cutting off Russian GRU‑linked APT28 (Fancy Bear) from infiltrating over 200 organizations worldwide. By targeting the routers themselves, the agency blocked the malicious IP...
MailRoute Expands MSP Program to Simplify Email Security Delivery
MailRoute has refreshed its MSP and channel partner program to deliver email security as a fully white‑label service that can be provisioned in minutes via MX‑level filtering. The new model lets managed service providers onboard client domains by changing two...
SOCRadar Unveils AI Agent Marketplace and Identity Intelligence to Protect Against Identity-Driven Cyberattacks
SOCRadar has launched an AI Agent Marketplace that lets organizations buy and deploy specialized autonomous agents for tasks like phishing detection, brand abuse protection, and dark‑web monitoring. The company also introduced Identity and Access Intelligence to expose credential leaks across...
USCIS Explores Remote Identity Verification for Immigration Services
U.S. Citizenship and Immigration Services (USCIS) issued a Request for Information seeking a software‑only, API‑driven platform that can authenticate identity documents and perform facial comparison remotely. The agency wants a solution that works on any mobile device or web browser,...
STX RAT Targets Finance Sector With Advanced Stealth Tactics
A new remote access trojan, STX RAT, was discovered after an attempted intrusion in a financial services firm in February 2026. The malware employs multi‑stage scripts, in‑memory execution, and encrypted C2 traffic to evade traditional defenses. It can harvest browser data,...
Little Snitch Comes To Linux To Expose What Your Software Is Really Doing
Little Snitch, the macOS network‑monitoring utility, is being ported to Linux. The prototype leverages eBPF for kernel‑level traffic interception and is built primarily in Rust with a web‑based interface that can monitor both local and remote machines. Early testing on...
Tesla Cracks Down on FSD Hacking Devices, Remotely Shuts Down Access
Tesla has begun remotely disabling Full Self‑Driving (FSD) on vehicles equipped with unauthorized CAN‑bus hack modules that bypass regional software locks. The €500 devices, popular in Europe, South Korea, China and Turkey, unlock FSD where regulatory approval is pending, prompting...
WatchGuard Targets EDR Pricing Pressure with MSP-Focused Endpoint Model
WatchGuard launched a new endpoint security portfolio that bundles AI‑driven detection, vulnerability management, and URL filtering into a tiered licensing model aimed at managed service providers (MSPs). The approach removes the so‑called “entry‑level tax,” allowing MSPs to offer baseline protections...
8 Best Practices for a Bulletproof IAM Strategy
Organizations must move beyond default IAM configurations to counter rising identity‑related threats such as AI‑driven attacks, machine identities, and sophisticated phishing. The article outlines eight best practices, including adopting zero‑trust, deploying phishing‑resistant MFA, enforcing strong password policies, applying least‑privilege access,...
Fuzzing: What Are the Latest Developments?
Fuzz testing has moved from a niche security tool to a mainstream assurance technique, now covering cloud‑native, embedded, and safety‑critical systems. Innovations such as grammar‑based, hybrid, and AI‑assisted fuzzers boost coverage and efficiency, while emulation‑based approaches enable early testing of...
Lumen: Upstream Network Visibility Is Enterprise Security’s New Front Line
Lumen’s 2026 Defender Threatscape Report argues that modern cyber‑attacks reveal their most decisive signals upstream, in the network, rather than on endpoints. Leveraging its backbone visibility into 99% of public IPv4 space, Black Lotus Labs monitors over 200 billion NetFlow sessions...
Claude Code Can Be Manipulated via CLAUDE.md to Run SQL Injection Attacks
LayerX researchers discovered that the CLAUDE.md configuration file can be weaponized to bypass Claude Code’s safety guardrails, enabling automated SQL‑injection attacks without any programming. By inserting just three lines of plain English, the AI assistant was convinced it had permission to...
XDR vs SIEM vs SOAR: What’s the Right Cybersecurity Strategy in 2026?
The article examines the evolving roles of SIEM, SOAR and XDR in 2026, emphasizing that no single tool can address modern threat landscapes alone. While SIEM provides foundational log collection and compliance, SOAR automates response workflows, and XDR delivers context‑rich,...
Critical Open‑Source Projects Need Funding and Stronger Oversight
Feels like one of the cybersecurity risks over the coming months will be widely used open-source projects that are simply too lightly maintained for how critical they’ve become. A few ways to help: - fund open source more, and reward maintainers better -...
Google Addresses Privacy Concerns Around Gemini in Gmail
Google announced that its Gemini AI embedded in Gmail will not use personal email content for model training, processing each request locally and discarding the data afterward. The company emphasized that Gemini acts as a temporary assistant, keeping user inboxes...
Audit First, Build Later: Counterintuitive Path to 8‑Figure ARR
Would you pay auditors to audit you 10 times before building your product? This founder did. His startup hit 8-figure ARR. @grease_ is the co-founder of @sprintoHQ, a compliance automation platform that's now at 8-figure ARR with 3,000+ customers....
AI Cybersecurity Closes Gaps, Giving Defenders the Edge
Yes. We're closing vulnerabilities that could have been (and may have been) exploited by bad actors already. AI cyber-security may well favor defenders in the large majority of cases.
Apple Intelligence AI Guardrails Bypassed in New Attack
Researchers from RSAC demonstrated a method to bypass Apple Intelligence's on‑device AI guardrails, achieving a 76% success rate across 100 test prompts. The technique merges the Neural Execs prompt‑injection attack with Unicode right‑to‑left override manipulation, allowing malicious output to slip...
US to Weaponize Mythos, Consumers Lose Early Access
Im guessing the USA will use Mythos to decimate its adversaries and get all their secrets long before they ever have access to it. Get used to this format. The days of consumers getting the model at the same time as...
Google Resists Russia's VPN Crackdown, ZoogVPN Removed
As Russia doubles down against VPN usage, Google seems to be resisting removal requests so far, despite a popular app, ZoogVPN, having reportedly been removed from Google Play. Here's all we know. https://t.co/KtMgSkFAfK
FBI Extracts Suspect’s Deleted Signal Messages Saved in iPhone Notification Database
The FBI recovered deleted Signal messages from a suspect’s iPhone by extracting the device’s push‑notification database, which stored copies of incoming messages even after the app was removed. The evidence was used in a trial concerning a July incident at...
Blockchain Boosts Data Security for Modern Enterprises
How to Use #Blockchain for Enhanced #Data Security by @antgrasso #CyberSecurity #Infosec #IT #Technology https://t.co/qDcHN7LHpe
WhatsApp Enhances Privacy, Yet Gaps Remain
WhatsApp might be improving its privacy options, but there's still more to be done. https://t.co/Ibrc6RGxAp
The Ghost in the Machine: Securing Non-Human Identities
BeyondTrust will address the growing risk of non‑human identities at the ITWeb Security Summit in Johannesburg, highlighting how machines, applications and service accounts are becoming prime attack vectors. The firm warns that attackers now prefer logging in with over‑privileged or...
Ex‑Trenchant Exec Sold Exploits Amid Depression, Money Woes
Former Trenchant exec who stole exploits from his employer and sold them to Russian broker says he was suffering depression & money troubles when he decided to sell exploits. New info also reveals work he did for Australian intel agency...
AI Models Will Soon Design Advanced Weapons and Threats
“That’s exactly what we expect from those models – they’re going to become better at developing hacking tools, biological weapons, chemical weapons, novel weapons we can’t even envision,” Yampolskiy added.
Meta Shuts Down Internal AI Token Leaderboard Amid Privacy Concerns
Meta eliminated the employee‑created "Claudeonomics" leaderboard that tracked AI token usage across its 85,000‑strong workforce. The tool had recorded more than 60 trillion tokens in a 30‑day span, prompting concerns over data privacy, cost control and internal governance.
Tech Roundup: Podcasts, Supply-Chain Breach, Docs Framework
Fragments: two podcasts, a worryingly well-done supply-chain attack, framework for tech documentation, and a particularly thoughtful AI coding experience https://t.co/ABSAxWDYqw
AI Threat Real; Demands Global Government and Industry Cooperation
Yes, the threat from AI systems is real, and requires nation state cooperation, including across industry....
Security Researchers Tricked Apple Intelligence Into Cursing at Users. It Could Have Been a Lot Worse
Security researchers at RSAC demonstrated that Apple Intelligence, the on‑device AI built into iPhones, iPads, Macs and Vision Pro, can be hijacked through prompt‑injection attacks. Using a Neural Exec technique combined with a Unicode right‑to‑left override, they forced the model to utter...
As Fraud Escalates, Taking a Beat Becomes a Critical Defense
Fraud in the United States surged to an all‑time high, with the FBI reporting nearly $21 billion in losses last year and over one million complaints filed. Cryptocurrency investment scams alone accounted for $11 billion in damages, while AI‑driven schemes generated $893 million in...