Cybersecurity

Admin accelerates quantum push, advances timeline for quantum-safe security

Five Eyes warn AI cyber threat is months away, Tata breach exposes Apple and Tesla files, OpenAI launches Patch the Planet initiative, Meta pauses employee AI data collection after exposure, Two plead guilty in £39m TfL cyberattack, Texas probes Carnival breach affecting 6 million customers, more

Metacurity is the only daily cybersecurity briefing built for clarity, not agendas—no vendor spin, no echo chamber, just sharp, original aggregation and analysis of what actually matters to security leaders.

Each day, Metacurity is read by thousands of cyber leaders, including some of the industry's top CISOs, security architects, practitioners, vendors, analysts, and journalists.

If you rely on Metacurity to cut through the noise on policy, industry shifts, and security research, consider supporting us with a paid subscription. Independent coverage like this only exists because readers decide it’s worth it.

Upgrade my subscription

The White House accelerated its efforts to boost the burgeoning quantum-computing industry, signing a pair of executive orders aimed at speeding the development of advanced quantum computers and mitigating the security threats they present.

One of the orders the president signed directs federal agencies, including the Energy Department, to work with the private sector and academics to deploy a quantum computer powerful enough to conduct scientific research by 2028. Such benchmarks are seen as crucial to showing that the technology has real-world applications.

Trump signed a second executive order directing agencies and government security experts to prepare for quantum systems that can evade standard encryption more quickly than previously anticipated. The goal is to bolster security systems across the government and private sector so that advanced quantum hackers can’t take down critical infrastructure.

“We are going to be investing in American quantum leadership like never before,” Trump said at the signing ceremony for the orders, adding that they should extend the nation’s lead in the sector. The latest executive orders build on existing government investments in the sector that date to Trump’s first term.

Industry executives, including IBM Chief Executive Arvind Krishna and Ruth Porat, president of Google parent Alphabet, attended the Oval Office signing event.

The administration is hoping that the ambitious 2028 target for a system that can conduct scientific research will serve as a stepping stone for larger systems that can carry out tasks for businesses, a senior White House official said. The order focused on boosting quantum activity directs the Energy Department, which conducts extensive quantum research, to identify the technical specifications needed to measure that goal.

Trump also directed the Commerce and Defense departments to deploy quantum sensors, which use quantum mechanics to offer alternatives to traditional global-positioning systems, in the next five years. The technology could have advanced applications in space exploration and wars where GPS jamming is prevalent.

The executive order focused on security directs agencies to develop systems that are resistant to quantum-enabled hacking by 2031, up from a previous target of 2035 set during the Biden administration, and gives priority to transition plans to harden critical infrastructure such as utilities and water plants. (Amrith Ramkumar / Wall Street Journal)

Powerful AI models capable of devastating new cyber attacks on governments and businesses are mere months away, intelligence agencies for the Five Eyes have warned in a rare joint statement, urging leaders to “act now."

The surprising public intervention by signals agencies for Australia, the US, the UK, New Zealand and Canada comes after the Trump administration earlier this month decided to block “foreign nationals” from using a much-hyped AI model built by tech company Anthropic, called Fable.

The statement said while AI “would help us improve cyber defence over time, it also accelerates the speed, scale, and sophistication of cyber threats."

The cybersecurity agencies said the leaps in AI models showed the technology would lower barriers for bad actors and increase the speed and complexity of attacks. (Sarah Basford Canales / The Guardian)

Indian electronics giant Tata Electronics said it had detected a recent "cybersecurity incident" after researchers said cyber extortion group World Leaks posted purported component design and specification papers of Apple and Tesla, both customers ‌of the Indian group.

The ransomware group has posted more than 200,000 files on the dark web, researchers say.

Apple was investigating the breach, and "a full analysis was going on", a source familiar with the matter said, adding that Tata had received a ransom demand related to the incident.

The breach is the latest setback for Apple's supply ⁠chain in India, where Tata faces scrutiny over alleged contamination of farmlands near one of its iPhone parts plants, Reuters reported.

Tata is emerging as one of Apple's most important manufacturing partners outside China, an expansion that is a cornerstone of Prime Minister Narendra Modi's push to make India an electronics manufacturing powerhouse.

The World Leaks website says the Tata Electronics data comprises more than 200,000 files totaling over 630 gigabytes. A database on its website shows several purported Apple files and folders, some titled "com.apple.factorydata", and documents referring to "material specification."

Tata also makes parts for Tesla, industry sources say. One folder on the World Leaks database was labeled "NV36 Chargeport Controller - North America", a purported reference to parts used in an upgraded version of Tesla's Model Y SUV.
Another ⁠purported Tesla 2023 document described as "TRADE SECRET" showed certain drawings for its project Highland - a publicly known internal codename for its revamped Model 3 sedan. (Munsif Vengattil, Aditya Kalra and Aditi Shah / Reuters)

OpenAI issued a number of cybersecurity-focused announcements, including an improved version of its limited-access security-specialized model GPT-5.5-Cyber, expanded international work with governments and other institutions to give them “trusted access” to the company's latest cybersecurity-focused models, and the release of its Codex Security scanner as an app plugin.

The company also said that it is launching an effort known as Patch the Planet, founded with the prominent research-focused security firm Trail of Bits and in collaboration with vulnerability management firms HackerOne and Calif.

The project has already begun its work, offering free security consulting services to open-source maintainers to not only help them find and patch vulnerabilities but also support them in strengthening their code bases and incorporating AI security tools into their development process. The idea is to give individualized support to as many open-source projects as possible to improve both their current security and long-term resilience in a way that will actually be sustainable.

Maintainers “do their work out of love of open source, and now they’re stuck reviewing slop CVEs,” says OpenAI's cyber tech lead, Fouad Matin. With Patch the Planet, he says, “What we’ve effectively done is make it as efficient from a token perspective as possible to reduce the burden for maintainers—code base assessments, validating potential reports, creating patches, and landing them. We want to offset costs, whether it's tokens or people power, to actually patch as much of the world of software as possible.”

Matin adds that for its Codex Security scanner, which has been in research preview since earlier this year, OpenAI has been subsidizing usage for both open-source and private code “to the tune of 20 trillion tokens.”

More than 30 open-source projects are already participating in Patch the Planet, with more in the pipeline to start. To launch the project, Trail of Bits recently conducted a five-day opening sprint in which it had 25 engineers, or roughly a fifth of its workforce, simultaneously working on collaborations with an array of maintainers. OpenAI and Trail of Bits say the project has already uncovered hundreds of bugs and produced dozens of patches in just its first week.

And Guido says that with funding from OpenAI as well as unmetered model access, Trail of Bits plans to continue its intense commitment to Patch the Planet work long-term. (Lily Hay Newman / Wired)

Measures of the degree to which an agent can reproduce known vulnerabilities in software environments. Source: ChatGPT.

Meta left potentially sensitive information collected from employee laptops accessible to anyone inside the company, according to an internal security notice seen by WIRED and three current employees familiar with the issue.

The data, which was collected as part of a divisive initiative to train artificial intelligence models, is believed to include keystrokes, mouse clicks, and content displayed on the computer screens of Meta’s US employees.

Meta spokesperson Tracy Clayton initially confirmed to WIRED that the company is investigating the security issue. As this story was being published, he added that Meta is pausing the data collection program indefinitely. "We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we're pausing it while we investigate," Clayton says.

The security notice sent out Monday indicated that “employee data across 45,000 hive tables” had been exposed. Those tables included employee activity such as “full prompts and transcriptions, private conversations, people and performance data,” according to documents viewed by WIRED.

Some employees at Meta quickly seized on the security failure, saying in internal forums that it validated concerns they had raised when the company began tracking workers’ corporate laptops in April as part of a program known as the Model Capability Initiative. (Paresh Dave and Lauren Goode / Wired)

Thalha Jubair, from East London, and Owen Flowers, from Walsall in the West Midlands, pleaded guilty to offenses in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption and cost the operator £39m (around $51 million).

The pair admitted to charges of conspiring to commit unauthorized acts against TfL under the Computer Misuse Act.

TfL previously said the hack disrupted services for three months when it began on 31 August 2024. The BBC was told the breach affected 10m customers.

Flowers also pleaded guilty to attempting to hack computer systems belonging to California-based Sutter Health and another US company, SSM Healthcare Corporation. (Victoria Hollins / BBC News)

Owen Flowers (left) and Thalha Jubair pleaded guilty on the first day of their trial. Source: National Crime Agency.

Texas Attorney General Ken Paxton says his office is investigating a data breach at Carnival Cruise Line that the company says affected about six million customers, including roughly 800,000 Texans.

KHOU 11 first reported on the breach in May after Carnival began notifying customers that their personal information had been compromised in a cybersecurity incident that was discovered on April 14. According to the cruise line, an employee was tricked by social engineering, allowing an unauthorized person to get access to customer data.

Carnival has a major presence in Texas, with four ships homeported in Galveston. The company recently announced plans to expand its operations there by bringing the Carnival Tropicale to the island in 2028. (Randy Klein / KHOU)

Paradigm Shift, an offensive cybersecurity company based in Barcelona, has published details of a vulnerability in Apple chips that can potentially help hackers unlock older iPhones.

This release opens the door for other researchers who specialize in finding iOS vulnerabilities, such as those working for governments or their contractors, to develop effective hacks for iPhones, provided they can find additional vulnerabilities to chain together with this one. This could help security researchers develop a so-called iPhone jailbreak, a technique to hack into Apple’s mobile operating system and remove all the restrictions the company puts on it.

Paradigm Shift dubbed the vulnerability “usbliter8.” The company also published a proof of concept that shows how to exploit the vulnerability, which requires physical access to the target phone.

The flaw and related exploit affect iPhones that have Apple-made chips A12 and A13, which were released in 2018 and 2019, and are included in older iPhones such as the XS, XR, and up to the iPhone 11.

The release of usbliter8 is significant in the world of security research and spyware and hacking tools makers, but it does not mean that older iPhones are easily hackable by anyone.

The bug found by Paradigm Shift affects the iPhone’s Boot ROM, which is the first piece of code that runs when an iPhone is turned on and, consequently, its first line of defense against hackers. To hack an iPhone with physical access to it — meaning having the ability to connect a cable to it — hackers need to first exploit the Boot ROM. Now, they can do that thanks to usbliter8, which allows them to defeat and bypass further security checks, potentially. (Lorenzo Franceschi-Bicchierai / TechCrunch)

Everyone is racing to adopt AI. But if your security foundation is weak, AI won’t save you — it will amplify the risk.

That’s the core message behind my just-published new book, The NIST 2.0 Cybersecurity Framework: Practical Risk Management Using Real-World Incidents. Rather than treating cybersecurity as a compliance exercise, the book shows how organizations can build resilient security programs grounded in real operational failures and lessons learned.

Wiley is currently offering Metacurity readers a 20% discount with code ENG20. Don't wait! Order your copy today! Email me to find out about bulk purchases for your organization or special customized print runs for your team.

Order your copy and save 20%

Hackers have reportedly breached the Russian Glaz/Groza combat control system and gained access to its data.

The “Where is Russia today” community reported that they also obtained instructions, videos, patents, and other materials related to the system.

Groza is one of Russia’s primary apps for targeting and command-and-control of troops.

Its main purpose is to simplify interaction between reconnaissance drones using the Glaz software, commanders, and fire units on the ground. The system is designed to reduce the time required for target identification and engagement within the reconnaissance-to-fire chain.

As it turned out, the system is administered through Telegram groups, where administrators provide support to users and distribute new versions of the application to Russian military personnel.

Maps in Groza allow users to plot positions of friendly and enemy forces to guide operations and improve situational awareness.

“Numerous complaints from users about the breach have been recorded: they cannot connect to the application, are unable to remove images that keep reappearing, and administrators are trying to fix the problem,” Where is Russia today reported.

Instructions for the system were also found during the investigation, including hundreds of pages of full user guides for the application. (Taras Safronov / Militarnyi)

Related: Groza files, TechRadar

A well-known trading bot called jaredfromsubway took a notable hit this weekend after it fell victim to a series of transactions that left its logic exposed to malicious behavior.

The $7.5 million attack, which took place on Saturday, marked a sudden setback for jaredfromsubway and the formula it has used to notch profits on Ethereum for years quietly.

The trading bot has been credited with perfecting the so-called sandwich attack. The strategy is widely viewed as a form of market manipulation on decentralized exchanges, involving trades that are placed around pending transactions and hurt price execution.

Essentially, an attacker presented jaredfromsubway with misleading opportunities that later allowed the bad actor to drain legitimate funds, according to security firm Blockaid. The scheme boiled down to fake tokens and fraudulent smart contracts, Blockaid added in an X post.

Jaredfromsubway is designed to continuously scan for profitable trades, and in order to act on them, it occasionally needs to provide entities with permission to move funds on its behalf.

Some transactions that jaredfromsubway engaged in revoked those powers as soon as they were completed, while the ones that were crafted later by the attacker didn’t. “That left attacker-controlled spenders armed,” Blockaid explained. (André Beganski / Decrypt)

Researchers at Kaspersky report that an ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access.

The threat actor is using file names that indicate business and financial documents delivered by the victim's contacts, whose accounts had been compromised.

By downloading and executing the malicious attachments, the recipient starts an infection chain that leads to installing the legitimate ManageEngine Endpoint Central, which is used by IT administrators to manage systems from a centralized dashboard.

Telemetry data from cybersecurity company Kaspersky shows that the campaign spreads across Brazil, India, Mexico, Singapore, the UK, Spain, Taiwan, Australia, Russia, Vietnam, and Malaysia.

The attacks begin with messages sent from compromised accounts that contain nothing but a heavily obfuscated VBS file. These files are given names that make them appear to be financial reports, billing statements, account notices, and similar documents likely to draw the target’s attention and prompt them to open the file.

The filenames are also localized in multiple languages, further confirming the campaign’s global reach.

While Kaspersky does not attribute the attacks to a specific threat actor, the researchers found signs of Chinese language use and infrastructure overlap with IPs previously associated with ValleyRAT and Gh0st RAT activity. (Bill Toulas / Bleeping Computer)

Related: Securelist, Security Affairs

Overview of the attack chain. Source: Kaspersky

Researchers at software supply-chain security company JFrog report that a newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under certain conditions and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio.

The vulnerability is tracked as CVE-2026-8461 and is a heap out-of-bounds write in the MagicYUV decoder. It received a high-severity score of 8.8 and can be leveraged via a malicious video file in AVI, MKV, or MOV format.

Any application that uses libavcodec, FFmpeg’s core library for video decoding and encoding, is considered vulnerable.

However, exploitation for remote code execution (RCE) is possible if the Address Space Layout Randomization (ASLR) defense is disabled or by chaining another vulnerability to defeat the protection.

JFrog says PixelSmash stems from the way MagicYUV processes slices, independent regions of a video frame that can be decoded separately from the rest of the image.

"The vulnerability is a one-row heap buffer overflow in the MagicYUV decoder’s slice handling, caused by an inconsistency between how the frame allocator and the decoder compute chroma plane heights," JFrog explains. (Bill Toulas / Bleeping Computer)

Related: JFrog, Cyber Insider

Microsoft says that a vulnerability chain dubbed AutoJack in its AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system simply by visiting a malicious webpage.

AutoGen Studio is the graphical component for AutoGen, Microsoft’s open-source framework for building multi-agent AI systems. The framework allows developers to create AI agents that can collaborate, use tools, browse the web, execute code, interact with APIs, and connect to external systems.

The project is very popular, with more than 59,000 stars and nearly 9,000 forks on GitHub. Microsoft notes that AutoJack's impact was limited because the issue was addressed during development.

"This issue was identified and remediated before any PyPI release, so the affected code never shipped in a published package," Microsoft says.

"The exposure was limited to developers who built AutoGen Studio from the main GitHub branch during the window between the MCP plugin landing and the hardening commit.' (Bill Toulas / Bleeping Computer)

Origin bypass via the AI agent Source: Microsoft.

Cloudflare said that it has joined with the three leading commercial browser makers to create a privacy-preserving protocol that websites can use to separate desirable web traffic from undesirable network requests.

Cloudflare, along with Google Chrome, Microsoft Edge, and Mozilla Firefox, has committed to developing Private Access Control Tokens (PACTs), a way for websites to generate a digital token that asserts a given browsing session is being run by a human or bot with legitimate intent, as opposed to network requests from people or software deemed abusive or improper.

PACTs will let websites "with strong knowledge of 'personhood'" issue anonymous tokens that browser users and designated bots can present at other websites, so that fewer identity checks are necessary.

Think of PACTs as a shareable, privacy-preserving CAPTCHA test result, where the desirability of the web traffic is being tested rather than whether the visitor is a human or a bot – an increasingly difficult distinction.

While the technical details are still being hammered out and harmonized between related proposals, it isn't immediately clear what constitutes "strong knowledge of 'personhood'" in this context, particularly since "personhood" appears to extend to software that has been authorized to act on behalf of a legitimate person for an authorized purpose. (Thomas Claburn / The Register)

Best Thing of the Day: Laying the Groundwork for Other Hospitals

How 100 Romanian hospitals switched to pen and paper to defeat a national cyberattack has become a test case for disaster planners internationally, as officials look for advice on responding to a mass hospital hack.

Bonus Best Thing of the Day: Now, Let's Expand This to the Whole Government

Senate lawmakers want to give the Defense Department new tools in fiscal 2027 to recruit and retain cyber talent, limit the department’s ability to carry out workforce reductions and establish a program to retain high-performing supervisors and managers across the department.

Extra Bonus Best Thing of the Day: One Small Step for Democracy

A federal court ruled that the Trump administration’s national voter database violates federal privacy laws, interferes with Americans’ right to vote, and must be dismantled.

Worst Thing of the Day: It's Not Nice to Tease Nurses

The Registered Nurses’ Union Newfoundland & Labrador is raising concerns after NL Health Services conducted a phishing awareness exercise that used the promise of an additional paid day off as the hook for employees.

Bonus Worst Thing of the Day: Looking Up Sickos in the Dictionary

Seven men have been charged with hacking hundreds of Western Pennsylvania women’s and girls’ Snapchat accounts and the nonconsensual distribution of their nude photos.

Extra Bonus Worst Thing of the Day: Honoring Incompetence

Columbus Department of Technology Director Sam Orth is retiring from the city, nearly two years after a cyberattack exposed the data of thousands of people in Columbus and will be honored by the city council despite his role n badly botching the city's response to the incident.