#threat-assessment

[ follow ]
#cybersecurity #vulnerabilities #ai #anthropic #openai #critical-infrastructure #national-security #iran #malware
#anthropic
Artificial intelligence
fromThe Verge
1 day ago

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.
Artificial intelligence
fromAxios
2 days ago

Trump officials negotiating access to Anthropic's Mythos despite blacklist

Anthropic is selectively rolling out Mythos to assess its cyber capabilities with a few organizations, including potential government agencies.
Information security
fromTheregister
2 days ago

MCP 'design flaw' puts 200k servers at risk: Researcher

A design flaw in Anthropic's Model Context Protocol puts 200,000 servers at risk, despite repeated requests for a patch from security researchers.
Artificial intelligence
fromThe Verge
1 day ago

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.
Artificial intelligence
fromAxios
2 days ago

Trump officials negotiating access to Anthropic's Mythos despite blacklist

Anthropic is selectively rolling out Mythos to assess its cyber capabilities with a few organizations, including potential government agencies.
Information security
fromTheregister
2 days ago

MCP 'design flaw' puts 200k servers at risk: Researcher

A design flaw in Anthropic's Model Context Protocol puts 200,000 servers at risk, despite repeated requests for a patch from security researchers.
more#anthropic
Information security
fromSecurityWeek
18 hours ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.
SF politics
fromNextgov.com
1 day ago

CISA resources 'more limited than I would like' amid shutdown, top official says

CISA faces significant funding limitations impacting its ability to counter hacking threats and conduct essential activities.
Cryptocurrency
fromnews.bitcoin.com
43 minutes ago

FATF Calls for Rapid Global Crypto Standards Rollout as Cross-Border Enforcement Gaps Raise Systemic Risks

FATF pressures jurisdictions to enforce crypto regulations faster, increasing scrutiny on stablecoins and accountability for compliance gaps.
Russo-Ukrainian War
fromwww.theguardian.com
8 hours ago

Investigators examine whether Ukraine terrorist attack was directed by Russia

A terrorist attack in Kyiv resulted in six deaths, with investigators examining potential links to Moscow and the perpetrator's background.
Mental health
fromFast Company
16 hours ago

How to navigate uncertainty in an increasingly uncertain world

Artificial intelligence advancements are creating job insecurity and uncertainty for millions, compounded by geopolitical tensions and personal health challenges.
fromwww.bbc.com
17 hours ago

Counter-terror police investigate another arson attack

Commander Helen Flanagan stated, 'At this stage last night's arson is not being linked to other incidents in the north-west London area over the last week or last month's arson in Golders Green but counter terrorism officers are leading due to the similarities of each attack.'
London politics
EU data protection
fromSecurityWeek
1 day ago

53 DDoS Domains Taken Down by Law Enforcement

Law enforcement in 21 countries coordinated to disrupt DDoS-for-hire services, resulting in arrests and the takedown of numerous domains.
Python
fromTalkpython
2 days ago

OWASP Top 10 (2025 List) for Python Devs

The OWASP Top 10 has been updated with significant changes including supply chain attacks and exceptional condition handling.
US politics
fromNextgov.com
2 days ago

Secret Service is embracing new solutions to combat malicious drones, director says

The U.S. Secret Service is adopting kinetic mitigation technologies to counter drone threats for upcoming large-scale events.
#north-korea
Information security
fromComputerWeekly.com
1 day ago

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.
more#north-korea
#cryptocurrency
France news
fromThe Local France
1 day ago

France reports over 40 cryptocurrency kidnappings so far this year

France has experienced over 40 kidnappings linked to cryptocurrencies since January, targeting wealthy individuals and their families.
fromArs Technica
1 day ago
Cryptocurrency

Russia-friendly exchange says "western special service" behind $15 million cyberattack

France news
fromThe Local France
1 day ago

France reports over 40 cryptocurrency kidnappings so far this year

France has experienced over 40 kidnappings linked to cryptocurrencies since January, targeting wealthy individuals and their families.
fromArs Technica
1 day ago
Cryptocurrency

Russia-friendly exchange says "western special service" behind $15 million cyberattack

more#cryptocurrency
Marketing tech
fromSFGATE
2 days ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.
Privacy professionals
fromWIRED
2 days ago

Congress Turns Up Pressure on DHS Over Palantir's Role in Immigration Crackdown

Members of Congress demand DHS and ICE disclose details on surveillance tools used in immigration enforcement.
#cybersecurity
fromTechCrunch
1 day ago
Information security

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Information security
fromThe Cipher Brief
3 days ago

Copy of Trump's Cyber Strategy Is a Strong Playbook, but It's All in the Execution

The National Cyber Strategy aims to enhance U.S. national security through aggressive defense and collaboration with the private sector.
Information security
fromSecurityWeek
1 day ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.
Silicon Valley
fromWIRED
5 days ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.
Information security
fromTechCrunch
1 day ago

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Hackers exploited Windows vulnerabilities published by a researcher, affecting Windows Defender and allowing high-level access.
Information security
fromThe Cipher Brief
3 days ago

Copy of Trump's Cyber Strategy Is a Strong Playbook, but It's All in the Execution

The National Cyber Strategy aims to enhance U.S. national security through aggressive defense and collaboration with the private sector.
Information security
fromSecurityWeek
1 day ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.
more#cybersecurity
Artificial intelligence
fromFortune
1 day ago

AI cybersecurity capabilities require urgent international cooperation, AI godfather Bengio says | Fortune

Yoshua Bengio emphasizes the urgent need for international cooperation in addressing AI's risks, particularly with the release of Anthropic's Mythos model.
Software development
fromZDNET
3 days ago

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.
EU data protection
fromComputerWeekly.com
2 days ago

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.
France news
fromLondon Business News | Londonlovesbusiness.com
2 days ago

France draws up crisis plan for London terror scenario as tensions rise over Iran war - London Business News | Londonlovesbusiness.com

French authorities are preparing for potential security incidents in London due to heightened geopolitical tensions, particularly related to the conflict involving Iran.
#nist
Information security
fromComputerWeekly.com
1 day ago

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.
Information security
fromTechzine Global
2 days ago

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.
Information security
fromComputerWeekly.com
1 day ago

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.
Information security
fromTechzine Global
2 days ago

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.
more#nist
#ai
Information security
fromSecurityWeek
2 days ago

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.
Information security
fromTechzine Global
3 days ago

GPT-5.4-Cyber aims to further embed AI in cybersecurity

OpenAI's GPT-5.4-Cyber enhances generative AI for cybersecurity, focusing on defensive applications and providing trusted users with advanced capabilities.
Information security
fromTechzine Global
5 days ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
Information security
fromSecurityWeek
2 days ago

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.
Information security
fromTechzine Global
3 days ago

GPT-5.4-Cyber aims to further embed AI in cybersecurity

OpenAI's GPT-5.4-Cyber enhances generative AI for cybersecurity, focusing on defensive applications and providing trusted users with advanced capabilities.
Information security
fromTechzine Global
5 days ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
more#ai
London politics
fromwww.independent.co.uk
1 day ago

Counter-terror police probe whether Iran ordered series of arson attacks in London

Counter-terror police are investigating potential Iranian involvement in a series of arson attacks in London, with multiple arrests made.
Cryptocurrency
fromBitcoin Magazine
1 day ago

When Quantum Computers Come For Your Bitcoin: What Classical Property Law Says Happens Next

Bitcoin's future is challenged by quantum computing, raising questions about ownership and legality of coins accessed through quantum-derived keys.
Artificial intelligence
fromTechRepublic
1 day ago

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

AI innovation and security threats are reshaping technology and corporate strategies across various platforms and applications.
Women in technology
fromInfoQ
3 weeks ago

Security and Architecture: To Betray One Is To Destroy Both

Architecture and security have evolved from separate entities to a deeply connected partnership focused on resilience and protection against threats.
Artificial intelligence
fromFortune
3 days ago

A retired general's warning: America can't fight the AI arms race on tech it doesn't control | Fortune

The U.S. faces a critical AI arms race affecting military power and national security, highlighted by the Anthropic-Pentagon standoff over AI usage control.
#malware
Information security
fromTechRepublic
1 day ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
fromSecurityWeek
3 days ago
Information security

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

Information security
fromTechRepublic
1 day ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
Information security
fromSecurityWeek
1 day ago

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.
Information security
fromSecurityWeek
3 days ago

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.
more#malware
Information security
fromHarvard Gazette
1 day ago

Time for government, business leaders to figure out AI cybersecurity regulation - Harvard Gazette

Agentic AI poses both opportunities for cybersecurity and risks to personal data, economy, and national security, necessitating regulation by leaders.
Information security
fromArs Technica
1 day ago

Recent advances push Big Tech closer to the Q-Day danger zone

Organizations are transitioning to new algorithms to replace RSA and elliptic curves due to vulnerabilities exposed by quantum computing threats.
Information security
fromDevOps.com
1 day ago

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.
Information security
fromSecurityWeek
3 days ago

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.
fromSecuritymagazine
2 months ago

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.
Science
Information security
fromTechCrunch
2 days ago

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.
Information security
fromSecuritymagazine
4 days ago

Beyond the Bodyguard: Why Executive Protection Requires a New Playbook

The executive protection model must evolve from a reactive approach to a comprehensive security infrastructure due to increased accessibility of personal information.
Information security
fromSecurityWeek
3 days ago

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Multiple industrial giants have released new ICS security advisories addressing various vulnerabilities since the last Patch Tuesday.
#fortinet
Information security
fromTheregister
3 days ago

Critical Fortinet sandbox bugs allow auth bypass and RCE

Two critical vulnerabilities in Fortinet's sandbox allow unauthenticated attackers to bypass authentication or execute unauthorized code.
Information security
fromTheregister
3 days ago

Critical Fortinet sandbox bugs allow auth bypass and RCE

Two critical vulnerabilities in Fortinet's sandbox allow unauthenticated attackers to bypass authentication or execute unauthorized code.
more#fortinet
Information security
fromThe Hacker News
4 days ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.
#openai
Information security
fromWIRED
4 days ago

In the Wake of Anthropic's Mythos, OpenAI Has a New Cybersecurity Model-and Strategy

OpenAI announced GPT-5.4-Cyber, emphasizing cybersecurity safeguards and the need for advanced protections in AI models.
Information security
fromTNW | Apps
3 days ago

OpenAI releases GPT-5.4-Cyber for vetted security teams, scaling Trusted Access programme

OpenAI is launching GPT-5.4-Cyber for cybersecurity, expanding its Trusted Access for Cyber program to thousands of verified defenders.
Information security
fromAxios
4 days ago

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.
Information security
fromWIRED
4 days ago

In the Wake of Anthropic's Mythos, OpenAI Has a New Cybersecurity Model-and Strategy

OpenAI announced GPT-5.4-Cyber, emphasizing cybersecurity safeguards and the need for advanced protections in AI models.
Information security
fromTNW | Apps
3 days ago

OpenAI releases GPT-5.4-Cyber for vetted security teams, scaling Trusted Access programme

OpenAI is launching GPT-5.4-Cyber for cybersecurity, expanding its Trusted Access for Cyber program to thousands of verified defenders.
Information security
fromAxios
4 days ago

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.
more#openai
Information security
fromArs Technica
4 days ago

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.
fromwww.businessinsider.com
4 days ago

We're in a new era of heightened CEO safety measures, security pros say

This attack is just shedding light on the fact that you're even more vulnerable outside of the office, said Don Aviv, CEO of Interfor International, a security consultancy.
Information security
Information security
fromZero Day Initiative
4 days ago

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.
Information security
fromTechRepublic
1 week ago

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.
#ai-cybersecurity
Information security
fromSecurityWeek
1 week ago

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.
fromZDNET
1 month ago
Information security

The biggest AI threats come from within - 12 ways to defend your organization

Information security
fromSecurityWeek
1 week ago

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.
fromZDNET
1 month ago
Information security

The biggest AI threats come from within - 12 ways to defend your organization

more#ai-cybersecurity
Information security
fromThe Hacker News
1 week ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
Information security
fromThe Hacker News
1 week ago

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.
Information security
fromThe Hacker News
1 month ago

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.
Information security
fromSecuritymagazine
1 month ago

The Great Security Culture Shift: Building a Proactive Defense in an Era of Advanced Threats and Social Engineering

Hackers exploit DLL side-loading on trusted platforms like LinkedIn to deliver malware through seemingly legitimate file attachments, bypassing traditional security defenses and compromising entire corporate networks.
Information security
fromNextgov.com
1 month ago

Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says

A sophisticated iPhone hacking toolkit called Coruna, likely originating from U.S. government development, has proliferated to foreign intelligence agencies and criminal groups, compromising iOS devices through multiple exploit chains.
Information security
fromTheregister
1 month ago

Threat intelligence supply chain is full of weak links

China's ban on foreign security software threatens the global threat intelligence ecosystem by risking data fragmentation and weakening international cybersecurity collaboration.
Information security
fromThe Hacker News
1 month ago

Manual Processes Are Putting National Security at Risk

Over half of national security organizations rely on manual sensitive data transfers, creating critical security vulnerabilities that adversaries actively exploit in contested operational environments.
Information security
fromSecurityWeek
2 months ago

Cyber Insights 2026: Offensive Security; Where It is and Where Its Going

Red teaming and offensive security must accelerate and expand to proactively find and harden system weaknesses against increasingly frequent, sophisticated, and damaging attacks.
fromSecurityWeek
2 months ago

Cyber Insights 2026: Cyberwar and Rising Nation State Threats

Entering the cyber world is stepping into a warzone. Cyber is considered a war zone, and what happens there is described as cyberwar. But it's not that simple. War is conducted by nations (political), not undertaken by criminals (financial). Both are increasing in this war zone we call cyber, but the political threat is growing fast. Cyberwar is a complex subject, and a formal definition is difficult.
Information security
[ Load more ]