#predator-spyware
#predator-spyware

2 hours ago

Artificial intelligence

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

19 hours ago

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

'Several dozen' orgs targeted by a new extortion crew

A new extortion crew, UNC6783, targets high-value corporations using phishing and social engineering tactics to steal sensitive data.

Britons warned about Russian hackers targeting internet routers for espionage

Russian hackers exploit internet routers for espionage, targeting users' credentials and devices on home networks.

fromTechSpot

15 hours ago

Hackers are turning home routers into tools to spy on Microsoft 365 users

Forest Blizzard hackers exploit insecure routers to compromise devices and intercept traffic, targeting Microsoft 365 domains for sensitive data.

2 hours ago

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.

Cryptocurrency

19 hours ago

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

'Several dozen' orgs targeted by a new extortion crew

A new extortion crew, UNC6783, targets high-value corporations using phishing and social engineering tactics to steal sensitive data.

Britons warned about Russian hackers targeting internet routers for espionage

Russian hackers exploit internet routers for espionage, targeting users' credentials and devices on home networks.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

Apple

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

more#apple-intelligence

3 hours ago

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

fromWIRED

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

Health

fromWIRED

1 hour ago

Meta's New AI Asked for My Raw Health Data-and Gave Me Terrible Advice

Medical experts express concerns about uploading personal health data to AI models due to privacy and control issues.

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

US politics

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

US politics

fromwww.npr.org

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

US politics

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

Police corporal created AI porn from driver's license pics

A Pennsylvania state police corporal pleaded guilty to creating over 3,000 pornographic deepfakes and possessing child sexual abuse material.

Social media marketing

fromHer Campus

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

SF politics

fromWIRED

Politicians Are Spending More Money on Security as They Increasingly Become Targets

Federal campaign spending on security for the 2024 election cycle exceeds five times that of the 2016 election due to rising threats against public servants.

DevOps

AWS: Agents shouldn't be secret, so we built a registry

AWS Agent Registry enhances visibility and control over AI agents in corporate environments.

Software development

fromDevOps.com

18 hours ago

Appknox Adds AI Tool to Detect and Fix Vulnerabilities in Mobile Applications - DevOps.com

Appknox introduces AI to assess mobile app vulnerabilities and recommend fixes, enhancing the patching process for software engineering teams.

#artificial-intelligence

fromwww.nytimes.com

1 month ago

Right-wing politics

Opinion | If A.I. Is a Weapon, Who Should Control It?

fromEngadget

Anthropic launches Project Glasswing, an effort to prevent AI cyberattacks with AI

Project Glasswing aims to enhance cybersecurity against AI threats with major tech partnerships and a new AI model from Anthropic.

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

fromwww.nytimes.com

1 month ago

Right-wing politics

Opinion | If A.I. Is a Weapon, Who Should Control It?

fromEngadget

Anthropic launches Project Glasswing, an effort to prevent AI cyberattacks with AI

Project Glasswing aims to enhance cybersecurity against AI threats with major tech partnerships and a new AI model from Anthropic.

more#artificial-intelligence

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

#data-breach

Los Angeles

LAPD Records Hacked and Exposed

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

Los Angeles

LAPD Records Hacked and Exposed

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

more#data-breach

#fraud-prevention

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

59 minutes ago

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

59 minutes ago

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

more#fraud-prevention

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

2 hours ago

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google's Device Bound Session Credentials enhance security for Chrome users by tying authentication sessions to specific devices, combating session theft.

#ai

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromThe Atlantic

Claude Mythos Is Everyone's Problem

Anthropic has developed a powerful AI tool, Claude Mythos Preview, capable of exploiting major cybersecurity vulnerabilities.

fromwww.businessinsider.com

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.

fromThe Verge

fromHarvard Business Review

Artificial intelligence

Anthropic is launching a new AI model for cybersecurity

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

Information security

Anthropic says its latest AI model can expose weaknesses in software security

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromThe Atlantic

Claude Mythos Is Everyone's Problem

Anthropic has developed a powerful AI tool, Claude Mythos Preview, capable of exploiting major cybersecurity vulnerabilities.

fromwww.businessinsider.com

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.

fromThe Verge

fromHarvard Business Review

Anthropic is launching a new AI model for cybersecurity

Anthropic launches Claude Mythos Preview for cybersecurity, enabling companies to identify vulnerabilities with minimal human intervention.

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

fromElectronic Frontier Foundation

Selling Mass Surveillance | EFFector 38.7

Police surveillance technology often expands beyond its original purpose, leading to concerns about privacy and civil liberties.

16 hours ago

CIA plans for 'AI coworkers', deputy director says

CIA plans to integrate AI tools into analysts' workflows to enhance intelligence-gathering and analysis capabilities.

23 hours ago

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

from24/7 Wall St.

18 hours ago

The Real Reason Cloudflare Is Down 11% Today Has Nothing to Do With Insider Selling

Insider selling at Cloudflare is routine and does not indicate trouble; the real concern is competition from Anthropic's new AI offerings.

fromArs Technica

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

fromElectronic Frontier Foundation

13 hours ago

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

fromThe Nation

San Diego's AI Battlefield Heats Up

AI-based surveillance systems pose significant threats to civil liberties and privacy in urban environments.

1 hour ago

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

22 hours ago

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

#fbi

Privacy professionals

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

New FBI Warning: Chinese Apps Could Expose User Data

FBI warns Americans about potential data risks from foreign apps, especially those developed in China.

Privacy professionals

FBI Declares Surveillance System Breach a 'Major Incident'

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

New FBI Warning: Chinese Apps Could Expose User Data

FBI warns Americans about potential data risks from foreign apps, especially those developed in China.

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

more#fbi

Secret Service is embedding AI experts across the agency

The U.S. Secret Service is hiring AI specialists to enhance the use of artificial intelligence within the agency.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Physical Security in Global Arenas: How AI Improves Security at Scale

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

fromDevOps.com

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action - DevOps.com

Mallory provides an AI-native threat intelligence platform that delivers actionable insights for enterprise security teams, focusing on real threats and vulnerabilities.

fromFast Company

It's way too easy to cheat now

Generative AI enables undetectable scams, including fake X-rays that deceive even experienced radiologists.

16 hours ago

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.

from24/7 Wall St.

20 hours ago

Why I'd Bottom-Fish in CrowdStrike While the Street is Still Nervous About Software

The SaaS sell-off continues, with many companies facing risks from AI disruption and significant stock declines.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

#identity-management

Information security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

more#identity-management

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

FBI: Cybercrime Losses Neared $21 Billion in 2025

Cyber-enabled crime losses increased by 26% in 2025, nearing $21 billion, with investment fraud being the most significant contributor.

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

FBI: Cybercrime Losses Neared $21 Billion in 2025

Cyber-enabled crime losses increased by 26% in 2025, nearing $21 billion, with investment fraud being the most significant contributor.

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

10 ChatGPT AI Prompts L1 SOC Analysts Can Use in Their Daily Work

Generative AI tools like ChatGPT can assist SOC analysts in managing alerts and improving workflow efficiency.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Russian government hackers broke into thousands of home routers to steal passwords | TechCrunch

Russian hackers hijacked thousands of routers globally to redirect internet traffic and steal passwords and access tokens.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.