White House seeks $9 billion AI chip surge for US spy agencies to tap AI models
Russian penetration of US systems during SolarWinds breach was deeper than we knew, Mythos Preview users found more than 10k severe vulnerabilities, Iranian hackers were behind the LA transit system breach, Former execs plead guilty to tech support fraud scheme, much more

According to current and former US officials, the White House has approved a secret $9 billion request to acquire the cutting-edge computer chips that America’s spy agencies need to tap into the full capabilities of the latest artificial intelligence models.
The $9 billion request is intended in part to boost the availability of infrastructure that can support Nvidia’s Grace Blackwell superchip, which requires data centers that can supply enormous amounts of electrical energy and specialized liquid cooling systems.
Congress still must approve that funding, but the administration is also reprogramming $800 million for a more rapid acquisition of computing capacity.
Even larger sums will likely be needed in the future, according to experts. To work around the chip shortage, Susie Wiles, the White House chief of staff, has authorized the National Security Agency to continue to use an advanced model made by Anthropic, even though the Pentagon has designated the company a supply chain threat, US officials said.
US officials said Anthropic and the government are finalizing a classified contract that would allow the NSA to maintain access to Anthropic products. The company’s new model, known as Mythos, runs more efficiently on the new chips but can also run on a previous generation of chips.
Earlier this year, the Defense Department demanded the authority to employ Anthropic’s technology for “any lawful use,” setting off a fight between the two sides. The new contract does not include that language.
The contract will include a carve-out to ensure that the AI model is not used on Americans’ data, said the officials, who added that the White House wants the contract to serve as a model for other companies. (Dustin Volz and Julian E. Barnes / The New York Times)
Related: The Verge, Ynet News, Crypto Briefing, WION, CXO Today, The Information, Winbuzzer
A Freedom of Information Act lawsuit that Bloomberg News brought against the US government is offering some answers to what happened in the 2020 SolarWinds breaches, with records showing how deeply the alleged Russian hackers were able to penetrate into some of the US financial system’s most sensitive networks.
At the Treasury Department, the hackers took nearly total control of the agency's email systems and had their pick of employee accounts to spy on for much of 2020, according to the documents. The US said the hack was perpetrated by Russia’s Foreign Intelligence Service, but the Russian Embassy in Washington denied this at the time.
The litigation, initiated by our colleague Jason Leopold, pried loose records from the Treasury’s Office of Inspector General’s investigation of the breach. It involved attackers poisoning updates to a popular IT management software, made by SolarWinds Corp., to create backdoors into sensitive networks.
At Treasury, the hackers hijacked the global administrator account for the agency’s SolarWinds systems on July 6, 2020, the documents show. They used it to get an extraordinary capability.
With the account, the hackers made changes to an application called Secure Mail, which “potentially allowed access to all email addresses ending in ‘treasury.gov’,” OIG special agents wrote in a 2021 memo. At the time of the hack, government data show the Treasury employed about 94,000 people.
The hackers maintained access to Secure Mail until Oct. 12, 2020, when a system change inadvertently blocked them, says the memo, which summarized investigators’ interview with a Treasury IT specialist. The employee, whose account was compromised, said it was unclear which emails the hackers targeted and whether they took any data.
The SolarWinds hack was part of a trio of breaches at Treasury in which alleged Chinese and Russian agents exploited longstanding cybersecurity gaps, according to an investigation Bloomberg News published last year.
Treasury inspector general investigators found that the SolarWinds hackers focused on just eight email accounts, including those of staff working on sensitive investigations involving Russia, according to documents Bloomberg reported on in that earlier piece.
But the hackers also took different paths to much broader access, the new records show. A pair of memos from February 2021 detail how one compromised account was connected to more than 300 others, giving the hackers the potential ability to read, write, edit, and delete information from them all.
The documents show that the emails mostly belonged to staff focused on technology, international affairs, terrorism, and financial intelligence, including sanctions. (Jordan Robertson / Bloomberg)
Related: Gizmodo
Anthropic issued an update outlining what it has learned about the critical challenges for cybersecurity in the first weeks of Project Glasswing, saying that most partners have each found hundreds of critical or high-severity vulnerabilities in their software using its Mythos Preview, with the group collectively finding more than ten thousand.
The company has also noted that patched software is being rolled out much more quickly. The latest Palo Alto Networks release included over five times as many patches as usual. Microsoft has reported that the number of new patches they’ll release will “continue trending larger for some time.” And Oracle is finding and fixing vulnerabilities across its products and cloud multiple times faster than before.
Mythos Preview has also proved useful for other kinds of security work. For example, at one of Anthropic’s Glasswing partner banks, Mythos Preview helped to detect and prevent a fraudulent $1.5 million wire transfer after a threat actor compromised a customer’s email account and made spoof phone calls.
Mythos Preview has found what it estimates are 6,202 high- or critical-severity vulnerabilities in these projects (out of 23,019 in total, including those it estimates as medium- or low-severity).
1,752 of those high- or critical-rated vulnerabilities have now been carefully assessed by one of six independent security research firms, or in a small number of cases by Anthropic itself. Of these, 90.6% (1,587) have proved to be valid true positives, and 62.4% (1,094) were confirmed as either high- or critical-severity. (Anthropic)
Related: The Register, Hacker News, Engadget, CTech, Dataconomy, Gigazine, The Decoder, Benzinga, Cyber Security News, Security Affairs, CSO Online

Researchers at Gambit Security report that Iranian hackers were responsible for a disruptive computer breach in March that forced Los Angeles' transit system to shut down parts of its network.
The saboteurs stole at least 700 gigabytes of emails, backups, and other files from the Los Angeles County Metropolitan Transportation Authority (LACMTA).
Digital security specialists have suspected an Iranian hand in the operation against the LACMTA ever since responsibility was claimed by an obscure pro-Iran outfit calling itself Ababil of Minab. The group's name refers to the bombing of a girls' school in the Iranian city of Minab that officials there say killed more than 175 children and teachers, and its rhetoric and modus operandi are characteristic of self-styled vigilante hacker groups that US and Israeli researchers allege are cut-outs for Iranian spies.
Ababil also has claimed credit for hacks affecting South Florida's Tri-Rail commuter transit system, vehicle tracking company Vyncs, and Saudi infrastructure firm Unimac. In a statement, Tri-Rail confirmed it had been hacked "about a month ago," but said that none of the affected data was critical. Vyncs' owner Agnik said it had detected its breach on April 2 but declined to comment on the nature of the data stolen by the hackers.
Both Tri-Rail and Agnik said the FBI was involved, with Agnik saying in an email that the bureau "has a pretty good understanding of who these criminals are." Unimac did not return messages seeking comment.
The group behind Ababil has hacked other organizations whose identity it has not publicized, Gambit Security said, citing its analysis of other data left online by the spies.
Gambit said they included a media organization and educational institution in Israel and an insurance brokerage in Turkey, but declined to identify them further. (Raphael Satter and A.J. Vicens / Reuters)
Related: Gambit Security
Former CEO Adam Young (from Miami, Florida) and former CSO Harrison Gevirtz (from Las Vegas, Nevada) of call tracking and analytics company C.A. Cloud Attribution, Ltd. pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals worldwide.
They admitted to a misprision of a felony charge, which carries a maximum penalty of three years in federal prison, a fine of up to $250,000, or both, and are scheduled for sentencing on June 16.
According to court documents, they operated using the C.A. Cloud tradename between early 2017 and April 2022, providing telephone numbers, call recordings, call forwarding, and call-tracking services to many customers, who they knew were also engaged in telemarketing and tech support fraud scams.
The fraudsters behind these schemes placed deceptive pop-up ads on users' computers, falsely claiming the systems were infected with malware, and directing victims to call center agents who asked for hundreds of dollars for fictitious technical services, while impersonating Microsoft and Apple in some cases.
Some scammers also allegedly remotely accessed their victims' computers and, in some instances, stole personal and financial information to withdraw funds without authorization. (Sergiu Gatlan / Bleeping Computer)
Related: The New Indian Express, The Times of India, Oneindia, The Record
The European Central Bank is to urge banks to speed up work to protect their IT systems, having summoned lenders to a meeting to discuss cyber security risks exposed by the latest AI models.
The ECB plans to stress the seriousness of the threat to the financial system revealed by Anthropic’s Claude Mythos Preview and similar AI models, while urging US banks that have been using the latest technology to share information with European rivals that lack such access.
“There is a whole range of issues on cyber security that we have been engaging on with the banks for years, which are all still valid, but given the progress in AI, they need to be dealt with faster,” Frank Elderson, vice-chair of the ECB supervisory board that oversees banks, said.
The ECB’s hastily arranged meeting underlines how regulators around the world are rushing to tackle the risks that Mythos and other advanced AI models could pose to the global banking system by exposing weaknesses in lenders’ IT systems. (Martin Arnold / Financial Times)
Related: Silicon Republic, The Register, The Next Web, Bloomberg, Tech in Asia
Cryptocurrency companies are preparing for the threat that powerful quantum computers could soon be able to hack the security at the heart of the global industry, including breaking the critical code that underpins Bitcoin.
The risk to crypto posed by fast-developing quantum technology — which exploits the way the physics of matter works differently at atomic and subatomic levels — was once considered a distant possibility, with bitcoin widely seen as unhackable.
But digital assets firms are speeding up their preparations for a “post-quantum” age, as tech companies slash the timelines for developing practical quantum computers to as soon as 2030.
The focus on the threat to crypto has grown as quantum computer developers have predicted useful machines could be built as soon as 2030, although skeptics point to big remaining technical hurdles, notably the need to cut the computers’ error rates.
“The challenge is no longer ‘a decade away’ as thought earlier,” said Gautam Chhugani, senior analyst of global digital assets at Bernstein, adding that the crypto industry would need three to five years and investments of “several billions if not hundreds of billions” of dollars in order to prepare. (Michael Peel and Nikou Asgari / Financial Times)
Related: PYMNTS, Benzinga, ZyCrypto, Bitcoin Insider, Coinpedia Fintech News
Researchers at SafeDep warn that more than 5,500 GitHub repositories were infected with malware in a supply chain attack that relies on automated commits.
The campaign, dubbed Megalodon, relies on GitHub Actions workflows containing a payload designed to steal credentials, keys, tokens, and other secrets.
The workflows, SafeDep says, were injected through over 5,700 malicious commits pushed to the impacted repositories within a six-hour window, on May 18.
According to the cybersecurity firm, the attackers deployed two payloads as part of the attack. One was designed to add a new workflow that would be triggered on every push and pull request, and another that replaced existing workflows with specific triggers, creating dormant backdoors.
On infected machines, the malware would exfiltrate all CI environment variables, AWS credentials, GCP access tokens, Azure credentials, SSH private keys, Docker and Kubernetes configurations, API keys, database connection strings, GitHub Actions tokens, GitLab CI/CD tokens, and dozens of other types of secrets.
Megalodon, SafeDep explains, was discovered after malicious versions of the Tiledesk package, an open source live chat and chatbot platform, were identified. The infected packages were published between May 19 and May 21. (Ionut Arghire / Security Week)
Related: SafeDep, Mashable, The Cyber Express, HackRead, The Register, Cybersecurity Insiders
Thai authorities arrested six Nigerian nationals over an alleged artificial intelligence-powered romance scam operation uncovered in Nonthaburi Province, near Bangkok.
Investigators described the operation as a sophisticated cyber fraud network believed to have targeted vulnerable victims through fake online relationships.
The suspects were arrested on 22 May 2026 after Thai police raided three luxury condominium apartments near the Phra Nangklao Bridge following weeks of surveillance and intelligence gathering linked to an earlier cocaine trafficking investigation.
According to authorities, suspicious financial transactions uncovered during the narcotics probe led investigators to the upscale riverside apartments, which were allegedly being used as a base for online fraud activities.
Police said officers were forced to break into the apartments after the suspects reportedly refused to open the doors during the operation.
Investigators further disclosed that one of the suspects attempted to escape through a balcony, while another allegedly locked himself inside a bathroom and sent warning text messages to others during the raid.
Security operatives recovered 18 mobile phones, three laptops, and several banking documents from the apartments. (Bukola Ogunsina / Leadership)
Related: TVC News, The Guardian Nigeria, Pulse, The Online Citizen, Inquirer, r/Nigeria

As AI upends jobs — particularly in Silicon Valley — the risks and pitfalls associated with the technology have helped fuel a new wave of hiring for cybersecurity experts.
Demand is so fierce that some search firms have said they are turning away clients, partly because there are too few qualified candidates to go around. Cybersecurity job postings in the first quarter were up 11 percent from a year earlier, according to Glassdoor, a job search platform.
Hiring of security experts has surged as tech workers increasingly use AI to generate code, sometimes introducing bugs and vulnerabilities in the process. Leading AI labs have warned that their latest technologies, like Anthropic’s Mythos model, could be used to find and exploit software vulnerabilities. That would make it easier to hack into companies’ infrastructure.
The hiring frenzy shows how AI can also help create some jobs, even amid dire warnings that the technology could replace vast parts of the workforce.
“We’re going to need people to deal with the bug-pocalypse,” said Lea Kissner, the chief information security officer at LinkedIn. “I don’t think we’re really going to understand how to do AI security in a sustainable, long-term way for at least several years.” (Kate Conger / New York Times)
Related: TechCrunch
A presumed foreign state actor hacked the WhatsApp accounts of an Australian federal parliamentarian and three staffers, a budget estimates hearing has been told.
The Department of Parliamentary Services blocked the Meta-owned messaging application on all parliamentary web browsers after the phishing attack was reported on March 6, the department’s chief information officer, Mike Webb, told an inquiry.
All four accounts were compromised in the same way, Webb said. The hackers first requested that a legitimate verification code be sent to the users’ devices.
They then sent the victims a request to send them the verification code, which the hackers used to log into the account. “The next step is to link one of their devices, and they essentially become that person from a communication perspective,” Mr Webb said.
Evidence suggests a foreign state actor conducted the attack, he said. (Australian Associated Press)
Related: Sydney Morning Herald, 9News, SBS News, News.com, Brisbane Times, The Guardian
Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a so-called bulletproof web hosting company that enabled cyberattacks, interference operations, and disinformation campaigns.
FIOD arrested a 57-year-old suspect, who was the company director, and a 39-year-old who headed a separate firm that provided internet connectivity.
According to the authorities, the suspects indirectly provided economic resources to Russian and Belarusian entities sanctioned by the European Union (EU).
The investigation focuses on the activities of web hosting firm Stark Industries, founded on February 10, 2022, shortly before Russia invaded Ukraine.
“The [Dutch] web hosting company, according to the research team, provided support to actions by the Russian Federation that undermine democracy and security, including through information manipulation and disruption of public and economic systems,” FIOD says. (Bill Toulas / Bleeping Computer)
Related: FIOD, NL Times, deVolkskrant, Krebs on Security

More than 600,000 records have been stolen from Lithuania's Centre of Registers, the state agency responsible for managing property and personal data.
Prosecutors have opened an investigation, saying the unauthorized access may have originated from a foreign state.
According to Centre of Registers chief Adrijus Jusas, the breach exposed data from real estate register extracts, including personal identification numbers.
He maintained, however, that contact details such as phone numbers and email addresses were not compromised, nor were bank account numbers, payment information, or documents relating to property transactions or court rulings.
Prosecutors confirmed that several unauthorized logins and attempts to access the Centre of Registers were carried out from a foreign state, using systems administered by other institutions. They have not named the country or institutions involved, and Jusas said he was unable to disclose those details. (LRT.lt)
Related: Associated Press, Hawa Hiba, UA News
A Dutch court has ruled that the government may extend its contract with Solvinity, a key infrastructure provider for the Netherlands’ national digital identity system DigiD, despite the company’s planned acquisition by a US firm.
According to the reasoning provided by the Hague’s preliminary relief court, abruptly ending the relationship with Solvinity could threaten the continuity of critical digital government services.
The dispute reflects broader European concerns about digital sovereignty, foreign control over critical public-sector infrastructure, and the ability of US legal frameworks to reach sensitive government systems operated through multinational technology providers.
The case was brought by three Dutch citizens, who argued that US authorities could gain access to sensitive Dutch user data under the US CLOUD Act if Solvinity were acquired by Kyndryl, a multinational corporation headquartered in New York. DigiD, which is managed by the government IT agency Logius, serves as the authentication backbone for Dutch public services, including taxation, healthcare, pensions, and municipal administration. (Masha Borak / Biometric Update)
Related: Politico, Dutch News, NL Times
Researchers at Palo Alto Networks report that an Iran-linked cyber espionage group called Screening Serpens targeted entities in the US, Israel, and the United Arab Emirates during a months-long campaign that coincided with the recent regional escalation.
Palo Alto Networks says Screening Serpens, also tracked under the aliases UNC1549, Smoke Sandstorm, and Iranian Dream Job, is an Iran-nexus advanced persistent threat (APT) group aligned with Iranian intelligence objectives.
The group targeted entities in the US, Israel, and the UAE, and likely two additional Middle Eastern entities. The research focused on cyberattacks carried out from mid-February through April 2026.
Unit 42 said the timing of the campaigns was closely aligned with the regional conflict that began in the Middle East on February 28, 2026, as well as with Operation Roaring Lion, when a series of explosive drones targeted Israeli cities. During the investigation, researchers identified six new remote access Trojan (RAT) variants that were developed and deployed between February and April 2026. (Jerusalem Post)
Related: Unit42, Israel Defense

Researchers at Check Point discovered that the Iran-linked threat actor Nimbus Manticore (aka UNC1549) used the chaos of active conflict generated by the US against Iran as cover to accelerate its operations, debut new malware, and experiment with delivery methods it had never tried before.
The APT group is affiliated with Iran’s Islamic Revolutionary Guard Corps. It has been on the radar of threat intelligence experts for years, primarily targeting defense, aviation, and telecommunications organizations through career-themed phishing, with fake job opportunities convincing enough to fool employees at major companies. What Check Point observed between February and April of this year, however, goes well beyond that established playbook.
The operations proceeded in three waves and introduced a previously undocumented backdoor, named MiniFast, which appears to incorporate AI-assisted development practices, enabling the threat actor to rapidly develop and adapt tooling while maintaining high operational availability during the war.
Nimbus Manticore mainly targets organizations in Europe, the Middle East, and Africa, especially in Israel and the UAE, but recent campaigns expanded to the US aviation sector. The group tailors phishing lures to specific industries, using fake airline hiring portals to target aviation employees. Current operations also target software development organizations, aligning with the IRGC’s broader intelligence-gathering objectives. (Pierluigi Paganini / Security Affairs)
Related: CheckPoint, Industrial Cyber

Reform UK leader Nigel Farage is under mounting pressure to provide evidence for his claim that a state-sponsored Russian hack was behind the disclosure of the £5m gift he received from the crypto billionaire Christopher Harborne.
Reform UK claimed over the weekend that analysis of Farage’s phone by “counter-espionage experts” suggested that “Farage’s phone, email and bank accounts were compromised by hostile actors, almost certainly linked to Moscow, using spear phishing tactics”, before the Guardian revealed details of his undeclared gift last month.
Farage told the Mail on Sunday that the alleged Russian activity was “deeply concerning” and highlighted the “threat they pose to British security”.
Farage’s claims followed intensifying scrutiny of the £5m gift he received from Harborne. Farage had not publicly declared the gift, despite parliamentary transparency rules requiring MPs to register gifts and donations above a certain threshold. (Aletha Adu and Dan Sabbagh / The Guardian)
Related: The Independent, The National, LBC
Ethereum liquid staking protocol Kelp DAO says its restaked Ether token has been restored through a five-week recovery effort after the protocol suffered a $293 million exploit by North Korea’s Lazarus Group on April 18.
Kelp DAO said that the final tranche of 20,373.7 Kelp DAO restaked ETH (rsETH) tokens was sent to the LayerZero smart contract responsible for locking, minting, burning, and releasing rsETH during cross-chain transfers.
“This closes the operational part of the rsETH recovery plan,” Kelp said. Several crypto protocols contributed funds to help restore rsETH’s backing under the DeFi United initiative. (Brayden Lindrea / Cointelegraph)
Related: Crypto Briefing, CoinMarketCap
In a new SEC filing, the Oncology Institute says a previously disclosed cybersecurity incident has been confirmed to impact patient information.
The healthcare organization told the SEC in November 2025 that it had learned of a cybersecurity incident affecting a third-party software services provider. At the time, the vendor’s investigation was ongoing, and it could not say whether patient information had been compromised.
“However, on May 20, 2026, Kroll, who is the third-party administrator for the Vendor, notified [TOI] that the Vendor had detected unauthorized access by a third party to certain information systems of [TOI], including systems affecting data of patients,” TOI said in the filing. (Eduard Kovacs / Security Week)
Related: SEC, Security Affairs
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned.
The cybercriminals claimed to have stolen over 600,000 records containing corporate data and personally identifiable information after breaching 7-Eleven's Salesforce environment. They then leaked a 9.4GB archive of documents on their dark web leak site after the company refused to pay a ransom to have the stolen data returned and destroyed. (Sergiu Gatlan / Bleeping Computer)
Related: HaveIBeenPwned
Best Thing of the Day: The Brits Show How It Should Be Done
The UK's AI Security Institute is one of the world’s largest and best-funded government efforts dedicated to probing the technology’s potentially catastrophic risks and is running circles around the underfunded US Center for AI Standards and Innovation.
Bonus Best Thing of the Day: Bringing Human Decency to the AI Boom
In ‘Magnifica Humanitas,’ Pope Leo XIV took direct aim at the power of Big Tech in his first encyclical on Monday (May 25), warning that artificial intelligence risks widening inequality, weakening democracy, and undermining what it means to be human.
Extra Bonus Best Thing of the Day: Don't Let the Door Hit You on the Way Out
The widely derided US director of national intelligence, Tulsi Gabbard, has finally resigned.
Worst Thing of the Day: A Reminder to Lock Down and Wipe Stolen Phones
A record 81,000 phones were reported stolen in London in 2024, which was only the beginning for the phone theft victims, many of whom were then subjected to threatening communications, some violent, from the thieves.