Shai-Hulud attack campaign hit two OpenAI employees, Hackers unwisely targeted Amnesty International's Security Lab chief, US and China to discuss AI guardrails, Anthropic warns of CCP AI dominance, DPRK's APT 37 is now posing as cops, MSFT warns of severe XSS flaw for Outlook web users, much more
Microsoft's AI-driven MDASH system discovered 16 new Windows vulnerabilities, France's Mistral AI competes with Mythos for European banks, Dream Market admin busted by German and US cops, Shadowy firm BlackCore probed for French election interference, Signal to exit Canada if C-22 passes, much more
Anthropic denied Chinese think tank Mythos access, Pentagon will use Mythos while moving ahead with Anthropic ban, House panel wants Instructure hearing, Nitrogen group hit Foxconn with cyberattack, West Pharmaceutical Services hit with ransomware, Microsoft issues 120 Patch Tuesday fixes, much more
US intel agencies want to evaluate AI model while Commerce seems to back away, OpenAI launches cybersecurity model Daybreak, Euro countries sell spyware to rights violators, Binance claims AI system saved $10b in scam losses, Shai-Hulud supply-chain campaign compromised npm and PyPi packages, more
The NIST 2.0 Cybersecurity Framework delivers clear guidance on applying the gold standard NIST framework in complex, real-world situations.
Trump's planned AI-enabled cyber EO stops short of requirements, German authorities shut down relaunched Crimenetwork, L3 Trenchant zero-day peddling exec order to pay $10m, Poland has thwarted many Russian sabotage efforts, IMF warns of financial shock from AI-enabled cyberattacks, much more
How Israeli telecom networks were used for surveillance, Everyday objects are now surveillance devices, AI's risks demand careful human oversight, Hackers can take over smart lawn mowers' cameras and controls, Fears of AI tap into old cultural stories
Firefox bug fixes soar after using Mythos, Virginia man found guilty of destroying government databases, OpenAI rolls out GPT 5.5 to vetted cyber defenders, PCPJack steals cloud creds while removing TeamPCP access, Ivanti urges patches for Endpoint Manager Mobile (EPMM) zero day bug, much more
US-China weigh AI risk talks, Wiles says Trump won’t pick AI winners, Vibe-coded apps lack security, GothFerrari fraudster gets 78 months, MuddyWater masks ops as Chaos ransomware, Phishing hits ManageWP via Google-sponsored search ads, Japan urges CI to do cyber better, much more
FTC to ban Kochava from selling location data, State officials urge AI companies to include them in early-access testing, CISA wants CI firms to plan for essential service disconnection, DAEMON Tools software delivered backdoor to thousands, Breach forced Coupang to lose money, much more
EU is talking with Anthropic to test banks with Mythos, DHS intelligence office staff failed to secure smartphones, A Latvian was sentenced to 8.5 years for role in Karakurt ransomware, A Romanian was indicted for bank fraud scheme dating to 2009, CISA unveils CI Fortify for CI entities, much more
Trellix hit by significant breach, 15-year-old was busted for French gov't hack, CISA warns of Copy Fail exploits in the wild, Defender flags some legit DigiCert root certs as malware, Sri Lanka arrests 37 Chinese cyberscam operators, US health insurance exchanges share data with big tech, much more