Earlier this month, Anthropic said its Mythos Preview model was so good at finding cybersecurity vulnerabilities that the company was limiting its initial release to "a limited group of critical industry partners." Since then, debate has raged over whether the model presages an era of turbocharged AI-aided hacking or if Anthropic is just building hype for what is a relatively normal step up on the ladder of advancing AI capabilities.
Following a similar assault on Bluesky just days prior, the decentralized social media platform Mastodon has also been targeted in a major distributed denial-of-service (DDoS) attack. The attack targeted Mastodon.social, the flagship Mastodon server, and caused what the organization classified as a 'major outage'. According to the Mastodon status page, the DDoS attack started on April 20 at around 1 PM, and by 4 PM mitigations were rolled out and the site became accessible.
A core leader of the hacker subset of The Com responsible for a series of high-profile phishing attacks and cryptocurrency thefts from September 2021 to April 2023 pleaded guilty to federal charges, the Justice Department said Friday. Tyler Robert Buchanan of Dundee, Scotland, pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft. The 24-year-old was arrested by Spanish police in Palma in 2024 as he attempted to board a charter flight to Naples, Italy.
Progress Software has fixed a slew of high-severity vulnerabilities in MOVEit WAF and LoadMaster, including a flaw (CVE-2026-21876) that may allow attackers to bypass firewall detection. MOVEit WAF (web application firewall) is designed to protect Progress's managed file transfer platform MOVEit Transfer from web-based attacks. (A zero-day vulnerability in MOVEit Transfer was infamously exploited in 2023 by the Cl0p cyber extortion gang to grab data from hundreds of organizations.)
A Mirai botnet is targeting discontinued D-Link routers impacted by a command injection vulnerability disclosed a year ago, Akamai reports. Tracked as CVE-2025-29635, the security defect exists because an attacker-controllable function value is copied without validation, and can be exploited through crafted POST requests. "The router extracts the value that ends up in the command buffer from the request body without checking which form field it came from," Akamai notes.
The infamous phony job-offer ploy by North Korean threat actors is evolving into a self-propagating machine that uses compromised developer projects to infect other code repositories and spread like wildfire through the software supply chain. The so-called "Contagious Interview" gambit that has been tracked for several years has now firmly moved beyond single-target social engineering attacks aimed at compromising organizations via the developer ecosystem.
Security researcher Alexander Hanff wrote an article titled "Anthropic secretly installs spyware when you install Claude Desktop." Claims like that are bound to create two sides, so we searched for an official rebuttal by Anthropic. But we couldn't find one. It would surprise me very much if they'd be unaware of the claim, since there's been some noise about it. Users on Mastodon, Reddit, and LinkedIn are confirming the researcher's findings, so it's hard to imagine Anthropic missed it.
Threat actors are using three publicly available proof-of-concept exploits to attack Microsoft Defender and turn the security platform's primary cleanup and protection functions against organizations it is designed to protect. Two of the exploits enable SYSTEM-level access on vulnerable systems. The third quietly disrupts Defender's update mechanism to progressively degrade its ability to detect new threats.
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. The security flaw, tracked as CVE-2026-32201, affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition (the latest on-premises version, which uses a "continuous update" model).