Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round
HK: Man Arrested over Stolen Patient Personal Data
Hong Kong police have arrested a contractor employee accused of stealing personal data belonging to more than 56,000 patients in the Kowloon East Hospital Authority cluster. The breach involved unauthorized extraction of names, IDs, and medical details, which were later posted on a third‑party platform. Authorities say the suspect acted while working for a vendor hired by the Hospital Authority. The incident highlights vulnerabilities in outsourced health‑IT services.
Families Face Identity Theft Following a Death
Families of deceased Americans face a growing risk of identity theft as unclosed digital accounts become vulnerable. The California Department of Justice estimates 2.5 million dead individuals have their identities stolen each year, with 800,000 cases directly targeted because the owners...
Blog 112a. AI Systems Are Being Hacked.
AI systems have moved from experimental labs to production environments, making them attractive targets for cyber attackers. The threat landscape has shifted from traditional network breaches to attacks on model behavior, such as prompt injection and autonomous‑agent manipulation. Experts argue...
Why Customers Must Take Control Against Social Engineering Scams
Monzo relies on advanced machine‑learning tools to block many fraud attempts, but customers must adopt a proactive risk‑management mindset. Richard Bromley, speaking at Identity Week Europe 2026, warns that social‑engineering scams—especially impersonation and investment fraud—still catch users off‑guard. About 66%...
Anthropic Reckons Its New Model Has Cracked Cyber Security
Anthropic unveiled Mythos, an AI model that can automatically spot coding flaws and high‑severity security vulnerabilities across major operating systems and browsers. Recognizing the dual‑use risk, the company launched Project Glasswing, granting early access to Mythos for a consortium of...
Hong Kong Car Owner Loses HK$500,000 in Fuel Membership Card Scam
A Hong Kong driver was duped by scammers posing as fuel‑company staff on WhatsApp, losing HK$500,000 (about US$63,800) through a series of prepaid petrol‑card top‑up deals. The fraudsters leveraged soaring fuel prices and promises of deeper discounts to extract more...
Mercor Faces Five Contractor Lawsuits Over Alleged Data‑Privacy Breach
AI‑training firm Mercor, valued at $10 billion, has been hit with five contractor lawsuits in California and Texas alleging data‑privacy violations tied to a breach of the open‑source LiteLLM project. The suits claim the company exposed Social Security numbers, addresses and...
ORGN Launches World’s First Confidential AI Development Environment for Secure DevOps
Origin (NASDAQ: ORGN) announced the alpha launch of the world’s first confidential AI development environment, enabling finance, healthcare, defense and government teams to use AI coding tools without exposing proprietary code or sensitive data. The platform leverages hardware‑backed trusted execution...
Minimus Names Yael Nardi Chief Business Officer to Accelerate Secure Container Image Growth
Minimus announced Yael Nardi as its new Chief Business Officer, tasking her with scaling marketing funnels, strategic alliances and corporate development for its hardened container image platform. The hire reflects the company’s push to meet rising CIO demand for near‑zero...
Quantum Computing Threat Looms Over Bitcoin as Energy Requirements Reach Star Scale
Researchers estimate a quantum mining attack on Bitcoin would demand roughly 10²³ qubits and 10²⁵ watts—about 3% of the Sun’s output—making a 51% quantum takeover physically impossible today. At the same time, Google and Oratomic papers suggest a cryptographically‑relevant quantum...
Storm-1175 Leverages Rapid Zero‑day Chain to Unleash Medusa Ransomware Worldwide
Microsoft disclosed that the China‑based hacking collective Storm-1175 is chaining zero‑day and n‑day vulnerabilities to install Medusa ransomware in as little as 24 hours. The group has weaponized more than 16 flaws across ten products, targeting U.S., U.K. and Australian...
Anthropic Launches Glasswing with Apple, Google, Microsoft to Combat Threats
Anthropic launched Glasswing, an AI‑driven cybersecurity initiative built on its Claude Mythos Preview model, with early tests showing strong vulnerability‑detection results. Apple, Google, Microsoft and several other leading tech firms have joined the effort, receiving limited access to the model...
Hugging Face Contributes Safetensors To PyTorch Foundation To Secure AI Model Execution
Hugging Face announced today that its Safetensors file format has been contributed to the PyTorch Foundation, the Linux Foundation‑run umbrella for AI projects. Safetensors is designed to store and load model weights without the arbitrary code execution vulnerabilities inherent in...
NCSC Issues Alert over Russian Hacker Campaign Targeting SOHO Routers
The UK National Cyber Security Centre (NCSC) has linked two new Russian‑linked campaigns to APT28, also known as Fancy Bear, that hijack small‑office/home‑office (SOHO) routers to manipulate DNS settings. By redirecting traffic through malicious name servers, the group conducts man‑in‑the‑middle attacks...
Microsoft CVEs Lead Attacks; Public Apps, Accounts Top Vectors
Here's a report from our Security Services (MDR, Incident Response, Compromise Assessment, and SOC Consulting) for 2025: fewer high-severity incidents; CVEs in Microsoft products were most popular among attackers; and public-facing applications, valid accounts, and trusted relationships were the most...
Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years
Horizon3.ai uncovered a remote code execution vulnerability (CVE‑2026‑34197) in Apache ActiveMQ Classic that had been hidden for 13 years. The flaw lets attackers fetch remote configuration files via the Jolokia API and execute arbitrary OS commands, especially when default credentials...
Ransomware Response: How Businesses Regain Control Under Pressure
Ransomware attacks now hinge on speed, forcing executives to make high‑stakes decisions within hours. The article outlines how the crisis expands from a technical breach to an enterprise‑wide challenge involving legal, financial, and reputational risks. It stresses that pre‑emptive controls—isolated...
Voice Scams: When AI Calls Your Patients, Who’s Responsible?
In 2025, 38% of Americans reported receiving scam calls where fraudsters impersonated their healthcare providers, a surge driven by AI‑generated deepfake voices. Multi‑modal campaigns—combining texts, calls, and emails—have amplified the threat, exemplified by the Kettering Health outage that disrupted patient...
Digital Hopes, Real Power: How the Arab Spring Fueled a Global Surveillance Boom
The Arab Spring’s 2011 uprisings sparked a rapid expansion of state surveillance across the MENA region, turning smartphones and social media into tools for authoritarian control. Governments layered legacy informant networks with deep‑packet inspection, commercial spyware such as Pegasus, and...
More than Half of Enterprises Are Using Devices with Out-of-Date Operating Systems – and It’s Leaving Them Wide Open to...
Jamf’s Security 360 Report, analyzing over 150,000 macOS devices, found that more than half of enterprises have at least one computer running a critically out‑of‑date operating system. Vulnerable applications are pervasive, with 95 % of assessed apps containing a medium‑severity flaw and...
N. Korean Hackers Spread 1,700 Malicious Packages Across Npm, PyPI, Go, Rust
North Korean‑linked threat group UNC1069, operating under the Contagious Interview campaign, has published more than 1,700 malicious packages across major open‑source ecosystems including npm, PyPI, Go, Rust and Packagist. The packages act as stealthy loaders that fetch second‑stage payloads with...
Gov. Tim Walz Deploys National Guard After Winona Cyberattack Disrupts Services
A cyberattack on Winona County began on April 6, crippling the county’s digital infrastructure that supports emergency and municipal services. Governor Tim Walz issued an emergency executive order authorizing the Minnesota National Guard to assist with containment, system stabilization, and recovery....
White‑hat Access to Frontier AI Pre‑empts Cyber Threats
I’m waaaay out of my depth here, but I think the cyber security threat of increasingly powerful AI (like that of the recent Claude Mythos model) can be addressed like so: 1.) The frontier labs developing these newest models give access...
FBI Takes Down APT28 Network Behind Global DNS Hijacking Attacks
The FBI, in coordination with the Department of Justice, launched Operation Masquerade to dismantle a global network of compromised SOHO routers used by the Russian-linked threat group APT28 for DNS hijacking. The operation reset DNS configurations on thousands of TP‑Link...
Men Are Buying Hacking Tools to Use Against Their Wives and Friends
AI Forensics examined 2.8 million messages from 16 Italian and Spanish Telegram groups, uncovering a thriving market where men purchase hacking and surveillance tools to target wives, girlfriends, and acquaintances. The study recorded over 24 000 participants sharing 82 723 abusive images, videos and...
Got a Text About Expiring Reward Points? Look Closer
Consumers are receiving text messages warning that their loyalty‑program points are about to expire, but the Federal Trade Commission reports many of these alerts are fraudulent. Scammers embed links that, when clicked, harvest personal data or install malware on the...
CleanStart Takes Aim at BusyBox to Harden Container Security
CleanStart has introduced a BusyBox‑free container architecture that replaces the traditional monolithic utility binary with statically compiled, purpose‑specific tools. By validating the filesystem during image construction, the platform removes unused components and blocks BusyBox from final images, delivering deterministic containers....
Mythos Threat: Few Firms Hold Power, China Closing Gap
In different hands, Mythos would be an unprecedented cyberweapon I am not sure how we deal with this, except to note a narrow window where we know only 3 companies could be at this level of capability. But it may be...
10‑Trillion Models Become InfoSec Skeleton Keys by 2027
10T models are Mythic class and are the target for the highest level of InfoSec hazard. Frontier labs will all have this capability in 2026. Open source models will come in 2027 and innovations, optimizations, and specialized training techniques will...
Researchers Find a Zero-Day Attack Targeting Adobe Reader Users
Researchers have uncovered a zero‑day vulnerability in Adobe Reader that allows remote code execution through crafted PDF files. The exploit chain leverages a memory‑corruption flaw, runs entirely in memory, and requires no user interaction beyond opening the document. Its multi‑layer...
Anthropic Withholds Powerful Mythos AI Amid Looming Misuse
Mythos is the latest AI model, and it has the ability to collapse every operating system ever built. Anthropic is acting responsibly by not releasing it. And: “it will not be long before such capabilities proliferate, potentially beyond actors who...
Secure Enterprise AI Agent Cuts Tokens, No Setup
I’ve been testing a new AI agent that actually takes enterprise security seriously. Meet PokeeClaw by @Pokee_AI. → Enterprise-secure → Zero setup → 70% fewer tokens → 1,000+ app integrations 🔥 3 wild use cases 🧵↓ 1/ Google Drive connection and deep analysis https://t.co/eJEW85wOJ6
Iran-Linked Hackers Breach U.S. Industrial Systems, Trigger Disruptions
The FBI, CISA, and NSA issued a joint advisory on April 7, 2026 warning that Iranian‑affiliated APT groups are actively exploiting internet‑exposed programmable logic controllers (PLCs) to disrupt U.S. critical infrastructure. The campaign targets water, wastewater, energy, and government services,...
Java's Security Flaws Expose Risks for Critical Software
This just proves that Java is not a safe language to develop security critical software. This¹ would never have happened² with an analysis safe language, like Perl. __ ¹ bug discovery ² no understanding? No exploit.
0‑day Panic Overblown; I'm Ditching Tech for Farming
People are freaking out about an impending flood of 0days. This was the norm 20 years ago. I’m not that worried. Firstly, simply having an exploit doesn’t mean all that much in terms of operational capability. Secondly, I’m giving up...
The April–May Compliance Crunch: A Practitioner’s Calendar for eDiscovery and Information Governance
In the next 31 days, four major compliance milestones converge: the EU’s NIS2 Directive verification deadline in Belgium on April 18 (with fines up to $11 million), the FTC’s revised COPPA rule effective April 22 requiring biometric consent and a children‑data retention policy,...
Japan Loosens Privacy Rules to Become AI Development Haven
Japan relaxes privacy laws to make itself the ‘easiest country to develop AI’ https://t.co/TVnDNb7oW5 https://t.co/LwIp1Fsy1m
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Iran‑affiliated cyber actors are targeting internet‑exposed programmable logic controllers (PLCs) across U.S. critical‑infrastructure sectors, including water, energy, and government facilities. The attackers use Dropbear SSH to gain remote access, manipulate HMI/SCADA displays, and disrupt device functionality, focusing on Rockwell Automation...
Integration: Post-Closing Cyber Risks
A new FTI Consulting report reveals that cyber‑attacks frequently strike companies after M&A closings, with more than two‑thirds of affected deals reporting negative consequences. Nearly half of those incidents led to reduced deal value, and 20% caused delays or pauses....
Axios Compromised: The Supply Chain Attack Shows How Thin the Line Between Everyday Packages and Malicious Code Has Become
On March 31 2026 the widely used JavaScript HTTP client Axios was compromised in the npm ecosystem. Google’s Threat Intelligence linked the attack to UNC1069, a North‑Korean financially motivated group, which injected a malicious dependency called plain‑crypto‑js into versions 1.14.1 and 0.30.4. The compromised...
Bharti Airtel Keen to Work with OTT Cos to Fight Spam: Rahul Vatts
Bharti Airtel announced it will collaborate with OTT communication providers to expand its AI‑driven anti‑spam program, building on a recent partnership with Google that routes RCS messages through Airtel’s spam filters. The telco reports having blocked 71 billion spam calls and...
Major PX4 Drone Software Vulnerability Raises Hijacking Concerns
Cybersecurity firm CYVIATION has identified a critical flaw in the open‑source PX4 Autopilot flight‑control software, catalogued as CVE‑2026‑1579 with a 9.8‑out of‑10 severity rating. The vulnerability stems from missing authentication on MAVLink communications, allowing an attacker on the same network...
SNAP Warns of $600M EBT Theft Surge, Pushes for Chip-Enabled Cards
SNAP officials announced that more than $600 million in benefits were stolen in 2025, affecting one in five households. The agency is urging federal and state leaders to adopt chip‑enabled EBT cards and continuous fraud monitoring, citing early successes in California...
CNET Survey Shows 54% of US Laptop Users Faced Malware, Yet Many Rely Solely on Built‑In Antivirus
CNET’s latest consumer‑security survey reveals that 54% of U.S. adults with personal laptops encountered potential malware in the last year, while 88% took some action. Experts warn built‑in antivirus tools may not keep pace with evolving phishing and AI‑driven scams.
XDG-Desktop-Portal 1.20.4 Released To Protect Against Apps Trashing Arbitrary Host Files
The XDG‑Desktop‑Portal team released version 1.20.4, addressing a critical security flaw that allowed sandboxed applications to trash arbitrary host files. The fix replaces the previous GLib g_file_trash path‑based method with a file‑descriptor‑based approach, eliminating the symlink‑race exploit. This update arrives alongside...
Zscaler's AI Agent Security Push: Will It Be a New Growth Driver?
Zscaler is launching a dedicated AI‑agent security suite as enterprises rapidly adopt machine‑driven workflows, expanding the cyber‑attack surface. The company processed nearly 1 trillion AI‑related transactions in 2025 and saw ZDX Advanced Plus bookings jump 80% YoY to $100 million in Q2...
The $135M Google Data Settlement Site Is Live — See If You're Eligible
Google has launched the official website for the $135 million settlement of the Taylor v. Google class‑action lawsuit, which alleges Android devices transmitted cellular data without consent. The settlement covers roughly 100 million U.S. Android users and will be finalized at a...
Patch Window Shrinks as Zero‑day Abuse Window Expands
Microsoft warns the window to patch known flaws is shrinking, while the window to abuse zero-days grows. https://t.co/BHDsOvLJCJ
MCP Security: Logging and Runtime Security Measures
The Model Context Protocol (MCP) enables AI agents to run code on servers, exposing them to prompt‑injection, command‑injection, and tool‑poisoning threats. This article outlines how centralized structured logging, detailed audit trails, and real‑time metrics provide the visibility needed to detect...
Navigating the Mythos-Haunted World of Platform Security
Anthropic’s preview of Claude Mythus introduces a frontier AI model that can both uncover complex memory‑safety bugs in legacy code and automatically generate exploit chains. The capability expands AI‑driven vulnerability scanning from reporting to industrializing attacks, raising the signal‑to‑noise ratio...