#information-scrambling
#information-scrambling

12 hours ago

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromwww.businessinsider.com

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.

fromPsychology Today

What If We Used AI to Detect Threats to Humanity?

AI model Mythos escaped its sandbox, demonstrating capabilities to find software vulnerabilities, raising concerns about technological risks and threat assessment.

14 hours ago

US news

How AI is getting better at finding security holes

12 hours ago

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromwww.businessinsider.com

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.

fromPsychology Today

What If We Used AI to Detect Threats to Humanity?

AI model Mythos escaped its sandbox, demonstrating capabilities to find software vulnerabilities, raising concerns about technological risks and threat assessment.

Information security

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

Privacy professionals

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

Information security

US push to counter hackers draws industry deeper into offensive cyber debate

fromTechSpot

Hackers are turning home routers into tools to spy on Microsoft 365 users

Forest Blizzard hackers exploit insecure routers to compromise devices and intercept traffic, targeting Microsoft 365 domains for sensitive data.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

Cybersecurity developments include discussions on AI risks, new malware targeting crypto wallets, and collaboration among Japanese corporations to enhance security.

fromZDNET

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

FBI and NSA warn of Russian hackers targeting vulnerable routers, urging users to update firmware and strengthen passwords.

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Iran-linked hackers are targeting high-profile figures and critical infrastructure in the U.S. and Israel to sow disruption.

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

US push to counter hackers draws industry deeper into offensive cyber debate

The U.S. government seeks private sector involvement in cyber defense, but clarity on offensive roles remains uncertain.

fromTechSpot

Hackers are turning home routers into tools to spy on Microsoft 365 users

Forest Blizzard hackers exploit insecure routers to compromise devices and intercept traffic, targeting Microsoft 365 domains for sensitive data.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

Cybersecurity developments include discussions on AI risks, new malware targeting crypto wallets, and collaboration among Japanese corporations to enhance security.

How the Internet Broke Everyone's Bullshit Detectors

Synthetic media is reshaping information warfare, prioritizing speed and virality over accuracy in online content.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

Apple

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

more#apple-intelligence

fromPopular Science

11 hours ago

How to stop your smart TV from tracking you

Smart TVs are capable of tracking user data, including viewing habits and app usage, which can lead to personalized advertising and content recommendations. Users may prefer to limit this tracking to protect their privacy.

Privacy technologies

Law

fromAbove the Law

Understanding AI Hallucinations: Making Sure You Don't End Up At The Wrong Stop - Above the Law

Understanding GenAI's predictable failures is crucial for legal professionals to avoid hallucinations and inaccuracies in legal outputs.

Health

Meta's New AI Asked for My Raw Health Data-and Gave Me Terrible Advice

Medical experts express concerns about uploading personal health data to AI models due to privacy and control issues.

Data science

fromPsychology Today

Is Algorithmic Asymmetry Reshaping How We Think?

Algorithmic asymmetry creates unequal access to information and decision-making, impacting individuals across various aspects of life.

Social media marketing

fromHer Campus

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

Daily briefing: Quantum computers could crack cybersecurity systems before 2030

Quantum computing advancements may threaten cybersecurity systems sooner than expected, potentially compromising encryption methods by the end of the decade.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

Information security

Cryptographers place $5,000 bet whether quantum will matter

Science

fromNature

Daily briefing: Quantum computers could crack cybersecurity systems before 2030

Quantum computing advancements may threaten cybersecurity systems sooner than expected, potentially compromising encryption methods by the end of the decade.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

Cryptographers place $5,000 bet whether quantum will matter

Quantum computing poses a potential threat to cryptography, prompting the development of Post-Quantum Cryptography to address future vulnerabilities.

more#quantum-computing

US politics

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

#fraud-prevention

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

more#fraud-prevention

US news

Top Secret Clearance Holder Charged With Leaking Classified National Defense Information

Courtney Williams was arrested for allegedly sharing classified national defense information with unauthorized individuals, including a journalist, from 2022 to 2025.

14 hours ago

This iPhone trick lets you use ChatGPT without the privacy risks

Using AI chatbots poses risks to privacy and data security, but Siri can help mask identity when accessing ChatGPT on iPhones.

Law

fromIndependent

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

Media industry

fromNew York Post

Google's AI Overviews spew millions of false answers per hour, bombshell study reveals

Google's AI search results generate millions of inaccuracies, impacting both users and news publishers reliant on accurate information.

Privacy technologies

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

Media industry

fromNew York Post

fromPrivacy International

Google's AI Overviews spew millions of false answers per hour, bombshell study reveals

Google's AI search results generate millions of inaccuracies, impacting both users and news publishers reliant on accurate information.

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

#security

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

Sticky-note security turned gym into hall of '80s horrors

Leaving default security credentials exposed can lead to unauthorized access and potential security risks.

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

Sticky-note security turned gym into hall of '80s horrors

Leaving default security credentials exposed can lead to unauthorized access and potential security risks.

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google's Device Bound Session Credentials enhance security for Chrome users by tying authentication sessions to specific devices, combating session theft.

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

#iran

US news

Nations tried to impose a digital fog of war in Iran. The results are mixed

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

US news

Nations tried to impose a digital fog of war in Iran. The results are mixed

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

It's way too easy to cheat now

Generative AI enables undetectable scams, including fake X-rays that deceive even experienced radiologists.

#data-breach

fromTechCrunch

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

Chinese Supercomputer Allegedly Hacked, 10 Petabytes of Data Stolen

A massive trove of sensitive data has allegedly been stolen from a Chinese supercomputer, including classified defense documents and missile schematics.

fromTechCrunch

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

fromElectronic Frontier Foundation

Chinese Supercomputer Allegedly Hacked, 10 Petabytes of Data Stolen

A massive trove of sensitive data has allegedly been stolen from a Chinese supercomputer, including classified defense documents and missile schematics.

more#data-breach

Privacy technologies

Selling Mass Surveillance | EFFector 38.7

Police surveillance technology often expands beyond its original purpose, leading to concerns about privacy and civil liberties.

fromTechCrunch

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

Miscellaneous

fromZDNET

1 month ago

AI threats will get worse: 6 ways to match the tenacity of your digital adversaries

AI amplifies threat actors' capabilities to conduct large-scale attacks rapidly, requiring organizations and individuals to adopt matching defensive tenacity and best practices.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

fromTechzine Global

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Nine vulnerabilities in the Orthanc DICOM server allow attackers to crash servers, leak data, and execute arbitrary code remotely.

#identity-management

Information security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

more#identity-management

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

LayerX: Anthropic's Claude Code Can Easily Be Easily Weaponized - DevOps.com

Claude Code's security guardrails can be easily bypassed, turning it into a tool for cyberattacks.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

fromDevOps.com

LayerX: Anthropic's Claude Code Can Easily Be Easily Weaponized - DevOps.com

Claude Code's security guardrails can be easily bypassed, turning it into a tool for cyberattacks.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

fromTechzine Global

Is 46% of your AI-generated code vulnerable?

46% of AI-generated code contains security vulnerabilities, necessitating integrated governance throughout the software delivery lifecycle.

fromTechRepublic

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.

fromDevOps.com

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action - DevOps.com

Mallory provides an AI-native threat intelligence platform that delivers actionable insights for enterprise security teams, focusing on real threats and vulnerabilities.

Data Leakage Vulnerability Patched in OpenSSL

Seven vulnerabilities in OpenSSL have been patched, including a moderate severity flaw that can lead to sensitive data leakage.

fromTechRepublic

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

2 weeks ago

Information security

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

2 weeks ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

fromArs Technica

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

fromTechzine Global

3 weeks ago

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

1 month ago

Security in the Dark: Recognizing the Signs of Hidden Information

Withholding accurate or complete data undermines security decisions and increases organizational risk.