Frontier AI beat: NSA locked out, Meta pressured, lawsuits begin

Don't miss my latest CSO piece, which delivers the details in a pair of new Trump executive orders aimed at accelerating the federal government’s transition to post-quantum cryptography while expanding US investment in quantum technologies.

Metacurity is the cybersecurity industry's daily reality check—independent, agenda-free coverage that cuts through vendor hype, social media noise, and recycled talking points to explain what matters and why.

Trusted by thousands of cybersecurity professionals, including many of the industry's most influential security leaders, Metacurity delivers the context, analysis, and perspective that busy readers don't have time to assemble themselves.

If you find value in that work, please consider becoming a paid subscriber. Metacurity remains independent because its readers choose to support it.

The Trump administration's confrontation with Anthropic continues to expose a growing tension in Washington's AI policy. The New York Times and other outlets reported that the National Security Agency has lost access to Anthropic's most advanced AI models after the government imposed restrictions on the company, depriving the agency of a tool that officials reportedly found highly effective at identifying software vulnerabilities.

The development comes amid confusion over recent reports involving Anthropic's role inside the agency. An Economist article was widely interpreted as suggesting that Anthropic's Mythos model had autonomously hacked NSA systems. Subsequent reporting clarified that the agency had used the model in controlled red-team exercises to probe classified networks for weaknesses—a sign of how seriously government cybersecurity officials were evaluating the technology's capabilities.

The administration's scrutiny is also expanding beyond Anthropic. According to the New York Times, officials are pressing Meta to submit its frontier AI models for government review voluntarily. Meta is reportedly the only major US AI developer that has not yet agreed to participate in the government's model-evaluation program, while OpenAI, Anthropic, Google, xAI, and Microsoft have already signed on.

Meanwhile, the consequences of the Anthropic restrictions are beginning to spill into the courts. Legion, a legal-tech company that builds tools for attorneys using Anthropic's models, has sued the U.S. government over the order that cut off access to Fable 5.

In its complaint, Legion argues that losing access to the model caused immediate and potentially existential harm to its business, contending that in a market evolving as rapidly as AI, lost development time cannot easily be recovered. (Dustin Volz and Julian E. Barnes / New York Times, Devin Pavlou / Straight Arrow News, Tripp MickleEli Tan, and Sheera Frenkel / New York Times, and Rachel Metz / Bloomberg)

Related: The Register, Associated Press, Business Standard, The Next Web, Capacity, Nextgov/FCW, Security Affairs, Tom's Hardware, CNBC, Yellow, The Economist, Gizmodo, The Next Web, Benzinga, Reuters, Crypto Briefing, Reuters, Business Insider, Startup Fortune, Crypto Briefing, Gizmodo

Dialog, the invite-only group cofounded by Peter Thiel, that notified members and past event participants last week that a database containing their personal information had been breached, supposedly by a criminal hacker, actually left the files readable to anyone who visited a landing page for the group’s app.

The notification to people affected by the data exposure, emailed by Dialog managing director Juliette Levine and provided to WIRED, said that forensic investigators found that the names of 113 past participants in Dialog events had been exposed and, separately, “some” people registered for this summer's Dialog retreat had their information accessed. Levine said the organization had temporarily closed many of its systems in response.

The exposure, Levine alleged, “was a hack executed by a well-known criminal who is wanted in the United States,” adding that the group had acted “out of caution” to protect “the safety, privacy, and reputation of every Dialoger past and present.”

However, multiple reviews of the site's publicly accessible architecture, though, point to a misconfiguration, not a break-in. (Dell Cameron and Dhruv Mehrotra / Wired)

Related: r/technology

Password manager maker LastPass is notifying customers that their personal information and customer support case records were stolen during a recent hack at one of its technology partners, marking the company’s latest data breach in recent years.

In an email to an affected customer, LastPass said the breach occurred at market research firm Klue, and not its own systems. However, hackers abused their access to obtain reams of data about LastPass customers.

LastPass is the latest in a growing list of cybersecurity companies that have reported data thefts as a result of the breach at Klue, which the company disclosed last week. Several other affected companies include HackerOne, Recorded Future, and Tanium.

In a blog post that shared information about the incident, LastPass said the hackers took customers’ names, phone numbers, email addresses, and physical addresses, as well as customer support case data and sales-related data.

LastPass said the company’s own infrastructure was unaffected, including customers’ password vaults. (Zack Whittaker / TechCrunch)

Related: LastPass, AppleInsider, Hackread, The Next Web, CyberInsider, Bleeping Computer, Cyber Security News, 9to5Mac, Help Net Security, Digital Trends, Android Authority, Android Police, Apple Insider, Computing, Phandroid, HackRead, FirstPost, Dark Reading

Iran's state-owned banking technology provider said ​that cyberattacks had disrupted card-based banking services ‌at Bank Melli, Bank Saderat, and Bank Tejarat.

This prompted a temporary suspension of all card-related operations at ​the three banks to prevent further unauthorized ​access, the Informatics Services Corporation told state TV, with ⁠cybersecurity teams working to restore normal operations.

The company's ​public relations head said ATM services, point-of-sale terminals ​, and mobile applications linked to card systems were all affected.

Disruptions were also reported on June 14 at major ​banks, including Melli, Saderat, Tejarat, and the ​Export Development Bank of Iran, after a cyberattack targeting a ‌shared ⁠communication system, Iran's Banking Coordination Council has said.

Iranian state media cited the central bank as saying on Tuesday that the latest problems should be ​resolved by Wednesday ​morning ⁠and all services would then return to normal.

Officials have said the earlier ​incident, which took several days to ​resolve, according to ⁠Iranian media, did not compromise customer data. (Reuters)

Related: The Independent, The Telegraph, The New Arab

Indian automaker Bajaj Auto reported a ransomware attack affecting company systems and its subsidiary, Bajaj Auto Technology Ltd.

In a regulatory filing, the company said it responded quickly and has contained the incident, though publicly available details did not indicate whether data was stolen, operations were disrupted, or a ransomware group was involved.

This incident follows by a few days an attack on another Indian manufacturing giant, Tata, during which documents for clients Apple and Tesla were exposed. (Economic Times and Nigel Pereira /Sify)

Related: Reuters, Business Today, Acko Drive, MediaNama, Cyber Security News, Autocar India, GBHackers, VarIndia, CyberPress, Fortune India, MoneyControl

Japanese telco KDDI messed up by allowing an attacker to access systems powering an email service it manages for itself and other local ISPs, and which stores info on up to 14.2 million users.

The company yesterday posted a confession [PDF] that it detected unauthorized access to the email system it offers to third-party customers on June 17th.

Machine translation of the confession suggests that KDDI investigated the situation and found attackers exploited a vulnerability in third-party software used on the email service, without claiming that the vulnerability was a zero-day, it had no chance of defending, or providing an explanation of why it was running vulnerable software.

There’s some good news because KDDI was able to prevent further intrusion on the same day it noticed the attack, and says it has bolstered its defenses to prevent future intrusions.

But the carrier also fears that up to 14.2 million email addresses and passwords may have leaked, and therefore warned that third parties may have obtained personal data. Thankfully, the company had hashed and encrypted the passwords, so users only have to fear phishing and identity theft, instead of something nastier.

However, some of the data KDDI thinks may have leaked pertains to dormant accounts or others that users canceled, meaning some potential victims will be hard to contact if the attackers have indeed stolen data. (Simon Sharwood / The Register)

Related: KDDI, The Japan Times, The Cyber Express

Britain’s museums and galleries are being left vulnerable to thefts and cyber-attacks that could put priceless collections at risk, MPs have warned.

A report by the Public Accounts Committee (PAC) said big security failures in recent years, including the theft of thousands of artifacts from the British Museum and a devastating cyber-attack on the British Library, had exposed serious weaknesses across the sector, but that the government had failed to take a strategic approach to preventing similar incidents.

The warning comes less than three years after the British Museum revealed that about 2,000 objects had been stolen, damaged, or gone missing from its collections over a period of years, in a scandal that led to the resignation of its director, Hartwig Fischer.

The committee said such incidents highlighted the need for stronger oversight of both the physical security of collections and museums’ digital infrastructure. While the Department for Culture, Media and Sport (DCMS) had facilitated discussions about recent breaches, MPs said it had been unable to identify concrete actions taken across the sector as a result. (Nadia Khomami / The Guardian)

Related: UK Parliament, Infosecurity Magazine, Express, Arts Professional

The data breach at healthcare AI and technology company Xsolis affected 1,396,519 individuals, making it one of the largest healthcare-related data breaches disclosed in 2026 so far.

Xsolis first announced the incident in early June, saying it had found unauthorized activity in a limited part of its environment. The company said the incident came from a targeted phishing attack that began on January 20, 2026, and was detected on January 22.

The company said it interrupted and contained the activity, ended the unauthorized access, isolated affected hosts and user accounts, and brought in outside cybersecurity experts. Xsolis also said it notified law enforcement.

The company said the files contained information it had received from clients. That point matters because the affected people may not have had a direct relationship with Xsolis. A patient may have visited a hospital or health system, while Xsolis handled data behind the scenes as a third-party vendor. (Carter Anderson / NCHStats)

Related: SC Media, Security Affairs, GovInfoSecurity, TechRadar, Security Week, The HIPAA Journal

Shawn Nunley, the telephone company investigator whose work helped track down notorious hacker Kevin Mitnick during his 1990s crime spree, received an unexpected gift after Mitnick's death: enough money to buy his dream Porsche 911 GTS.

The bequest capped an unlikely friendship that developed years after Nunley helped send Mitnick to prison, turning one of cybersecurity's most famous adversarial relationships into a story of reconciliation. (Byron Hurd / The Drive)

Related: Motor Biscuit, Hacker News, r/nottheonion, Cloud Security Office Hours

Researchers at SonicWall report that healthcare cybersecurity remains the most persistently targeted industry in SonicWall's global telemetry, and that the gap between healthcare and every other sector is widening, not closing.

While attack volumes across most verticals declined between 17% and 56% year-over-year, healthcare recorded the smallest decline of any tracked industry.

According to SonicWall, healthcare's attack surface has three structural problems that attackers have learned to exploit with precision. Remote desktop tools (necessary for distributed clinics, telemedicine, and third-party vendor access) generated 13.3 million UltraVNC exploitation attempts in the first five months of 2026 alone.

When those tools are internet-exposed without layered controls and backed by VPN architectures that grant broad network access the moment credentials are validated, a single stolen login compromises the entire environment. (SonicWall)

Related: SonicWall

AI is not a cybersecurity strategy.

Organizations with strong security programs will use AI to move faster. Organizations with weak security programs will use AI to create bigger, faster failures.

That's why I wrote The NIST 2.0 Cybersecurity Framework: Practical Risk Management Using Real-World Incidents. The book moves beyond compliance checklists and theory to show how real organizations succeed—or fail—when security fundamentals break down.

If you're trying to build a resilient security program in the age of AI, this book provides a practical roadmap grounded in actual incidents and operational experience.

Wiley is offering Metacurity readers a 20% discount with code ENG20. Order your copy today, and contact me about bulk orders or customized editions for your organization.

Cybersecurity company Varonis Systems is exploring options, including a potential sale after receiving takeover interest, according to people familiar with the matter.

Miami-based Varonis is working with advisers as it fields preliminary interest from private equity firms, including Blackstone Inc., Thoma Bravo, and Vista Equity Partners, said the people, who asked not to be identified because the information is private.

Varonis’ shares, which jumped as much as 23% Tuesday, closed up 7.1% to $35.03 in New York trading, giving the company a market value of about $4 billion.

The deliberations are at an early stage, and there’s no certainty the company will decide to pursue a sale, the people said. (Ryan Gould, Liana Baker, and Dinesh Nair / Bloomberg)

Related:  BankInfoSecurity.com, Proactive, Barron's Online, Blockonomi

Best Thing of the Day: AI Money Is Not Infinite

Consulting giant Accenture is trying to figure out how to stop non-technical workers from blowing through companies’ AI token budget on trivial tasks like converting PDFs to presentation slides.

Worst Thing of the Day: Maybe This Is a Sign You Shouldn't Use Facial Recognition

Madison Square Garden compiled a list of activists who have publicly criticized the venue’s use of facial recognition technology, putting their tweets and comments into a document that was then accessible to other people inside the company.

Closing Thought