Washington pushes AI into an export-control era as rivals rush to fill the gap

Metacurity is the cybersecurity industry's daily reality check—independent, agenda-free coverage that cuts through vendor hype, social media noise, and recycled talking points to explain what matters and why.

Trusted by thousands of cybersecurity professionals, including many of the industry's most influential security leaders, Metacurity delivers the context, analysis, and perspective that busy readers don't have time to assemble themselves.

If you find value in that work, please consider becoming a paid subscriber. Metacurity remains independent because its readers choose to support it.

Frontier AI beat: The Trump administration spent the weekend advancing an increasingly interventionist approach to frontier AI, approving limited access to Anthropic's Mythos 5 model while simultaneously overseeing a tightly controlled preview of OpenAI's new GPT-5.6 family.

The moves suggest Washington is no longer treating advanced AI as a conventional software product but as a strategic technology whose deployment carries national-security implications, pushing AI deeper into the realm of export-controlled dual-use technology.

As US officials tighten controls around frontier models, new reporting suggests Chinese firms are rapidly closing the gap in one of the areas that has most alarmed policymakers: AI-driven vulnerability discovery. The Wall Street Journal reported that Zhipu AI's GLM-5.2 has achieved cybersecurity performance approaching Anthropic's Mythos, while Chinese cybersecurity giant 360 Security claims to have built systems designed specifically to rival Mythos-style vulnerability discovery and cyber-defense capabilities.

Against that backdrop, Anthropic received approval to restore access to Mythos 5 for a limited group of vetted US organizations, including major enterprises and government entities. Meanwhile, OpenAI launched GPT-5.6 Sol, Terra, and Luna under a similarly constrained preview program involving a small number of approved partners. OpenAI said the restricted rollout was being conducted at the request of the US government while officials continue evaluating frontier-model deployment frameworks.

The contrast between Mythos and GPT-5.6 is particularly revealing. OpenAI's safety documentation argues that GPT-5.6 remains below the threshold of the most concerning cyber-risk scenarios associated with Mythos, emphasizing extensive testing and safeguards around offensive cyber capabilities. Independent analyst Zvi Mowshowitz reached a similar conclusion after reviewing OpenAI's system card, arguing that GPT-5.6 appears to remain meaningfully behind Mythos in the cyber capability categories that prompted government concern.

While Anthropic's Mythos remains tightly controlled and OpenAI's GPT-5.6 rolls out under government oversight, competitors in China and elsewhere are already marketing alternatives aimed at the same cybersecurity use cases. The result may be a world in which frontier AI resembles export-controlled technology, but one in which substitutes emerge faster than regulators can restrict them. (Reed Albergotti and Ben Smith / Semafor, OpenAI, Ina Fried, Ashley Gold / Axios, OpenAI, Zvi Mowshowitz / Don't Worry About the Vase, Robert McMillan, Raffaele Huang and Amrith Ramkumar, Wall Street Journal, Kate Park / TechCrunch)

Related: TechCrunch, New York Times, The Verge, Wired, Business Today, PCMag, CNBC, Washington Examiner, Axios, Wall Street Journal, Bloomberg, Engadget, CNN, 9to5Mac, Reuters, NBC News, Financial Times, Neowin, The Decoder, Business Standard, s, Politico, The Hill, The Information, Moneycontrol, Hacker News, r/wallstreetbets, Slashdot, The Next Web, The Asia Business Daily, The Indian Express, Hürriyet Daily News, Benzinga, Türkiye Today, Cyber Security News, RuntimeWire, Memeburn, Tech in Asia, WinCentral, METR, Shelly Palmer, Forbes, The StackMacRumors Forums, PYMNTS, 9to5Mac, VentureBeat, The VergeTechCrunch, Unite.AI, SiliconANGLE, DataBreachToday.com, Decrypt, Constellation Research,, CoinGape, MarkTechPost, MacRumors, The American Bazaar, Android Authority, Neowin, The Deep View, TestingCatalog AI News, PCWorld, How-To Geek, Pulse 2.0, The Decoder, Nextgov/FCW, crypto.news, Benzinga, Digital Trends,   iThinkDifferent, iClarified, RuntimeWire, Hacker News, Washington Post, The Next Web, Bloomberg, Agence France-Presse, RuntimeWire, CNBC, The Hill, Simon Willison's Weblog,  r/technology, r/neoliberal, r/ArtificialInteligence, r/ChatGPT, r/OpenAI, Engadget, Thurrott, Simon Willison's Weblog, Digital Trends, Business Today, Daily Mail, The Information, China Money Network, RuntimeWire, International Business Times, The Next Web, RuntimeWire, Business Insider, TechRadar

Microsoft said it identified and disrupted a large-scale malicious browser extension campaign tracked as StegoAd (a portmanteau of steganography and adware), which operated 119 malicious extensions impacting approximately 2.6 million users.

Microsoft said that while its data indicate this threat actor has been active since at least 2021, steadily evolving evasion techniques, the steganographic phase that defines the campaign emerged in early 2024 and spans 25 months through April 2026.

Dynamic analysis of C2 response payloads revealed capabilities far beyond ad fraud: a full remote code execution (RCE) backdoor, Google account
credential theft with 2FA bypass, WordPress admin credential harvesting, cookie exfiltration, and abuse of Google Analytics as covert telemetry infrastructure. All identified malicious extensions have been removed from the Microsoft Edge Add-ons store, and associated developer accounts have been suspended. (Microsoft)

The National Design Studio, an opaque White House office staffed largely by veterans of Elon Musk’s “department of government efficiency” (Doge), has quietly rebuilt some of the federal government’s most sensitive websites – for passport applications, voter registration, prescription-drug pricing and children’s savings – in ways critics say appear to violate federal law.

A Guardian investigation has found the office has apparently been developing or redeveloping sensitive federal websites, including those connecting Americans with prescription drugs, children’s savings accounts, passports and voter registration. The investigation corroborates and advances earlier reporting by the Drey Dossier, a YouTube investigative outlet.

The NDS built and now operates four public federal websites: ndstudio.gov, trumprx.gov, realfood.gov and trumpaccounts.gov. All four ran commercial visitor-tracking software, configured to evade the privacy tools many web users install, and none carry the public filings federal privacy law requires under laws including the Privacy Act of 1974 and the E-Government Act of 2002.

Separately, none of the NDS’s spending or its arrangements with outside vendors appears in USAspending, the federal contracting database, raising questions about how it is funded and overseen.

Separately, the NDS has also built and runs White House-controlled versions of services the US Congress assigned to other federal agencies, including a passport-application portal that bypasses the State Department’s existing site, and a copy of voter-registration site vote.gov.

Combined, the sites route sensitive interactions Americans have with their government through infrastructure the White House apparently controls, and outside the reporting and accountability systems that normally cover federal agencies. (Jason Wilson / The Guardian)

The number of Iranian cyberattacks against Israel has shot up since the launch of the ​U.S.-Israeli offensive against Iran this year, a senior ‌Israeli security official was quoted as saying.

Yossi Karadi, Director General of Israel's National Cyber Directorate, told German ​newspaper Die Welt that in June 2025 ​, during Israeli military operations against Iran, Israel's ⁠authorities registered around 1,600 hostile cyber incidents.

During the ​same month in 2026, the number had jumped to ​some 4,800 incidents, he told the paper. "Some groups are very skilled," Karadi said, according to the German text of the ​interview.

"We can handle them, but we have to ​take them seriously. Unlike in the kinetic realm, there's no ‌ceasefire in cyberspace."

Karadi said the attacks were directed against systems used by Israel's critical infrastructure, central organizations, small to medium-sized companies and the public, citing law ​practices and accounting ​firms as ⁠among the smaller ones hit.
"So far — and hopefully it stays that way — we've ​managed to fend off attacks on ​critical ⁠infrastructure," he said. (Joern ​Poltz / Reuters)

Related: Times of Israel, Voice of Emirates, Benzinga, The Kabul Tribune, India Today, Jerusalem Post

The FBI and CISA issued an update to their March 20, 2026, Public Service Announcement I-032026-PSA to provide additional information to the public and encourage device owners to take actions to protect themselves against Russian hackers.

The FBI has identified multiple clusters of Russian Intelligence Services (RIS) cyber threat actors responsible for an ongoing commercial messaging application (CMA) phishing campaign against individuals of high intelligence value. Russian Federal Security Service (FSB) officers embedded with the FSB Border Guards and others working on behalf of the Russian military services continue to target current and former U.S. and international government officials, military personnel, political figures, journalists, and key officials located in Ukraine. RIS cyber threat actors have compromised individual CMA accounts, but not the CMA's encryption or the application itself. To date, this activity has been publicly tracked as UNC5792 and UNC4221.

According to the update, RIS cyber threat actors continue to masquerade as automated CMA support accounts in updated phishing messages but have evolved their tactics to attempt to elicit victims' Backup Recovery Keys. RIS cyber threat actors continue to elicit victims' verification codes and account PINs (see Figure 1). If a targeted user backs up their CMA messages as directed in Figure 1 and later provides their Backup Recovery Key (see Figure 2), RIS cyber threat actors can view the account's historical messages, private and group messages, and take over the victim's account.

If a victim inadvertently shares their Backup Recovery Key, that same key remains valid even if they create a new account following the compromise using the same phone number. Consequently, the actor could potentially use the compromised key to take over the new account in the future as well.

To mitigate this risk, the user must generate a new Backup Recovery Key within the Settings control; this action will invalidate the previous key for all future backup downloads. However, please note that this does not prevent the actor from having already downloaded a backup of the original account.

Separately, the Rewards for Justice is offering $10 million for information on UNC5792.

Related: IC3, Rewards for Justice

The US insurance industry’s standard setter, the National Association of Insurance Commissioners, has suspended its risk designations on the investments of insurers, after a cyber attack claimed by ShinyHunters compromised data from rating agencies including Moody’s, S&P and KBRA.

The NAIC said that credit rating agencies had “paused” data sharing in the wake of the breach, and that it had also suspended assigning its own risk designations to insurers’ investments.

These ratings and designations are crucial to US life insurers because they help determine how much capital they must have to meet their future obligations to policyholders. By incurring lower capital charges on similar assets, insurers can improve their profit margins. (Lee Harris / Financial Times)

Related: NAIC, Databreaches.net, eciks.org, Insurance Business

AI is not a cybersecurity strategy.

Organizations with strong security programs will use AI to move faster. Organizations with weak security programs will use AI to create bigger, faster failures.

That's why I wrote The NIST 2.0 Cybersecurity Framework: Practical Risk Management Using Real-World Incidents. The book moves beyond compliance checklists and theory to show how real organizations succeed—or fail—when security fundamentals break down.

If you're trying to build a resilient security program in the age of AI, this book provides a practical roadmap grounded in actual incidents and operational experience.

Wiley is offering Metacurity readers a 20% discount with code ENG20. Order your copy today, and contact me about bulk orders or customized editions for your organization.

The NSW Rural Fire Service (RFS) in Australia is investigating a cybersecurity incident after a hacker gained access to its information and communications technology systems for which the Nova ransomware took credit earlier this month.

An RFS spokesperson said the agency was working to determine “what information may have been accessed or obtained”.

The incident may have involved a third-party vendor supporting NSW Rural Fire Service radio and telecommunications infrastructure. An RFS spokesperson confirmed the incident was “initiated from a compromised account and involved our remote access system”.

The threat actor claimed the data was stolen via Citrix, which offers remote access solutions.

Information Age understands the group was unable to successfully deploy its ransomware and encrypt any data for extortion purposes, but some data may have been exfiltrated. (Leonard Bernardone / Information Age)

Related: Cyber Daily

The $292 million KelpDAO bridge exploit in April and the Humanity Protocol private key theft in June were already suspected as connected, as both incidents carried hallmarks of DPRK-linked operations, with fingers pointing to the notorious Lazarus group.

Now, on-chain evidence shows the proceeds of those attacks are flowing into shared wallets, which is a pattern consistent with a single laundering pipeline, according to blockchain analyst Specter.

According to Specter, the Humanity Protocol attacker moved 15,403 ETH, which is around $23.6 million, to a relatively new Ethereum address. 

The funds were then crossed onto the Bitcoin network, where they mixed with proceeds that have been traced to the KelpDAO exploit.

This action is a well-documented Lazarus Group technique, where they consolidate proceeds from separate operations into unified Bitcoin wallets before routing them through mixers and over-the-counter desks. (Hannah Collymore / Cryptopolitan)

Related: AMB Crypto

Best Thing of the Day: This Manifestation Worked Well

House Homeland Security Committee Chair Andrew Garbarino (R-NY) said the US government needs to “act soon” to get a grip on the threats posed by AI.

Worst Thing of the Day: This Is All Just Headed to Mass Surveillance

Australia's ban on social media for children was the start of a global reckoning; in March, Indonesia began blocking children under the age of 16 from accessing most social media, and Malaysia followed suit this month. Last week, Britain announced its own ban, which it plans to have in place by early 2027

Closing Thought