The Federal Communications Commission approved new rules Thursday that boost cybersecurity regulations for the nation’s emergency alert systems and update security rules for the nation’s undersea cables.

The new rule would overhaul two national emergency systems, the Emergency Alert System and Wireless Emergency Alerts, to better protect against hijacking attacks from malicious actors.

The EAS is a national public warning system that state and local authorities use to disseminate information related to weather events, AMBER alerts and other emergencies via radio and television broadcasting stations. The WEA handles much of the same messaging via text.

A compromise of either system by a foreign government, cybercriminal group or other rogue actor could be used to sow chaos and disinformation in calmer times, or impede coordination efforts in the face of a genuine emergency. Any vulnerability in systems like the Emergency Alert System “can have serious consequences,” said FCC Commissioner Olivia Trusty in a statement after the vote.

“That is why it has been appropriate for the Commission to conduct a comprehensive review of the EAS framework by focusing on the security of the system itself,” Trusty continued. “As cybersecurity threats continue to evolve, EAS participants must take appropriate steps to safeguard the infrastructure that supports the delivery of life-saving alerts.”

The new rules amount to basic – but still critical – cyber hygiene practices for users accessing and updating the EAS and WEA systems. They must use strong passwords, quickly install security patches from vendors and use firewalls to limit access to their equipment.

The rule also creates a new authentication ID system to verify alerts before they’re submitted and avoid duplicate or unauthorized alerts from spreading.

Another rule passed by the Commission Thursday provided the first comprehensive update to the FCC’s submarine cable regulations in decades, and moves to tighten cybersecurity requirements in some areas while loosening them in others.

It exempts some undersea cable providers from submitting to stringent national security licensing reviews needed to land and operate cables that touch U.S. territory.

The review, called “Team Telecom,” is an interagency body led by the Department of Justice’s Foreign Investment Review Section and other federal agencies that advise the FCC on the national security implications of their telecom policies.

The new rules would presumptively exempt applications for undersea cable licensees when the provider can self-certify to “high security standards” that are “structured to increase certainty, predictability, and faster timelines for the licensing process.”

“Currently, all submarine cable applications get referred to Team Telecom…the changes adopted would exempt applications from applicants that have operated cables without incident, can certify to the highest national security standards, and agree to ongoing oversight and monitoring,” the FCC said in a release.

Other parts of the rule give the FCC greater oversight of critical functions within undersea cable operations. Owners and operators of submarine line terminal equipment, who connect submarine cables to land-based facilities in the U.S., will be subject to a new licensing requirement.

The rule also moves to update safeguards meant to address vulnerabilities related to principal equipment, third-party service providers, and other areas of concern in the undersea cable supply chain.

The post FCC passes new cybersecurity rules for emergency systems, undersea cables appeared first on CyberScoop.

In a novel maneuver for a disruption operation against cyber attackers, industry and law enforcement teamed up to conduct a court takedown of two widely-used criminal tools at once rather than individually, Microsoft said Tuesday.

The takedown simultaneously went after Amadey, a botnet that can serve as a malware delivery system, and StealC, an infostealer. Cybercriminals often use them in conjunction and they rely on the same infrastructure, Microsoft said.

“When multiple parts of an operation are disrupted together, attacks are harder to launch, scale, and recover from,” said Steven Masada, assistant general counsel for Microsoft’s Digital Crimes Unit. “The result: fewer disrupted services, fewer opportunities for cybercriminals to profit, and more friction when they try to rebuild. It’s no longer enough to go after threats one by one. We need to interrupt how the attacks are put together.”

Microsoft had been tracking Amadey with ESET, BitSight, Lumen and Mitsui Bussan Secure Directions. Meanwhile, Europol had been investigating StealC alongside law enforcement partners including Germany’s Federal Criminal Police Office and the Dutch and Danish National Police as well as IBM X-Force and Proofpoint.

They then joined forces and turned to the Racketeer Influenced and Corrupt Organizations (RICO) Act, used to help authorities go after organized crime, to disrupt more than 200 command-and-control servers. Microsoft said it gained insights from its artificial intelligence product Copilot that “allowed the legal team to treat both malware families as part of a single criminal conspiracy.”

Microsoft regularly leads court-authorized disruption operations, but the industry and law enforcement partnerships combined with AI to expand data collection and identify connections beyond what one company could normally do, it said.

Amadey and StealC were linked to more than 140,000 infected computers around the globe in the first week of May alone, the company said. StealC has ranked among the top infostealers for years since its emergence in 2023 and sells in underground forums as a malware-as-a-service. It’s typically used by Russia-linked groups.

Amadey dates back to 2018, and is also commonly employed by Russian groups, including in attacks on Ukraine.

Their interaction shows the assembly line-like structure of modern cybercrime, Microsoft said. Even if the cybercriminals behind both tools never coordinate, their tools are designed to work together, it said.

“StealC is an infostealer that collects sensitive data from browsers, cryptocurrency wallets, messaging applications, email clients, and gaming platforms,” the company wrote in a separate blog post. “It is a malware-as-a-service (MaaS) offering that threat actors use to generate customized payloads and manage stolen data through a centralized web panel. Meanwhile, Amadey is a MaaS loader that threat actors use to deliver StealC and other malware. Modular, pay-as-you-go models like StealC and Amadey allow threat actors to use a single initial infection to quickly escalate into multiple other threats.”

The post In a first, a court takedown goes after two cybercrime tools at once appeared first on CyberScoop.

Hundreds of C&C servers were disrupted in an operation involving law enforcement and several cybersecurity companies.

The post Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware appeared first on SecurityWeek.

Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta.

The post New ‘Mistic’ RAT Opens Door to Several Ransomware Families appeared first on SecurityWeek.

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.

Thalha Jubair, 20, of East London and 18-year-old Owen Flowers of Walsall admitted conspiring to commit unauthorized acts against Transport for London computer systems and causing risk of serious damage to human welfare. According to a report from the BBC, Flowers alone admitted to being part of a conspiracy to hack into U.S. based healthcare providers SSM Health Care Corporation and Sutter Health in September 2024.

Jubair is also wanted by U.S. law enforcement agencies. In September 2025, prosecutors in New Jersey unsealed an indictment alleging Jubair and other Scattered Spider members committed computer fraud, wire fraud, and money laundering in relation to 120 computer network intrusions involving 47 U.S. entities between May 2022 and September 2025, and that the group’s victims paid at least $115 million in ransom payments.

In July 2025, KrebsOnSecurity reported that Flowers and Jubair were arrested in the United Kingdom in connection with Scattered Spider ransom attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. Multiple sources familiar with those investigations said Flowers was the Scattered Spider member who anonymously gave interviews to the media in the days after the group’s September 2023 ransomware attacks disrupted operations at Las Vegas casinos operated by MGM Resorts and Caesars Entertainment.

According to prosecutors, Jubair co-ran a bustling Telegram channel called Star Chat, the home of a SIM-swapping group that used voice- and SMS-based phishing attacks to steal credentials from employees at the major wireless providers in the U.S. and U.K. The group would then use that access to sell a service that could redirect a target’s phone number to a device the attackers controlled and intercept the victim’s calls and text messages (including one-time codes for multi-factor authentication).

New Jersey prosecutors also allege Jubair also was involved in a mass SMS phishing campaign during the summer of 2022 that stole single sign-on credentials from employees at hundreds of companies. That weeks-long SMS phishing campaign led to intrusions and data thefts at more than 130 organizations, including LastPass, DoorDash, Mailchimp, Plex and Signal.

KrebsOnSecurity reported last year that one of Jubair’s alter egos at age 15 was “Everlynn,” a hacker who sold fraudulent “emergency data requests” that used compromised police and government email addresses to demand subscriber data (e.g. username, IP/email address) from major tech companies, claiming the requests concerned urgent matters of life and death and could not wait for a court order.

In April 2026, 24-year-old British national and Scattered Spider member Tyler “Tylerb” Buchanan pleaded guilty to wire fraud conspiracy and aggravated identity theft for participating in the group’s SMS phishing spree in the summer of 2022. The government said Buchanan, Jubair and others used the credentials harvested in that phishing campaign to steal at least $8 million in cryptocurrency from victims throughout the United States. Buchanan is currently scheduled to be sentenced on October 2.

In August 2025, 20-year-old Scattered Spider member from Florida named Noah Michael Urban was sentenced to 10 years in federal prison and ordered to pay $13 million in restitution, after pleading guilty to charges of wire fraud and conspiracy.

The U.S. Department of Justice says three alleged Scattered Spider defendants indicted along with Buchanan still face charges, including Ahmed Hossam Eldin Elbadawy, 24, a.k.a. “AD,” of College Station, Texas; Evans Onyeaka Osiebo, 21, of Dallas, Texas; and Joel Martin Evans, 26, a.k.a. “joeleoli,” of Jacksonville, North Carolina.

Flowers and Jubair are slated to be sentenced in a London court on July 15, 2026.

Come vulnerabilities were found within hours, but that does not mean the model was able to exploit them within that time, the official said.

The post Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says appeared first on SecurityWeek.

Intelligence agencies for the United States, Canada, UK, Australia and New Zealand are warning that advanced AI models capable of wreaking havoc in the cyber domain are “months away” from being publicly available.

In a joint statement, the Five Eyes alliance say they expect the kind of advanced hacking capabilities provided by frontier models like Anthropic’s Fable 5 and OpenAI’s Daybreak to become broadly available the public within the year, despite efforts by AI companies to withhold them or restrict their access.

“Frontier Al models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities,” the agencies said. “The timeline is not years, it is months.”

The statement, which included signatures from NSA’s Director of the Cybersecurity Directorate David Imbordino and acting CISA Director Nick Andersen, does not specifically cite secret or classified sources or methods to reach this conclusion.

But much of the underlying justification provided by the intelligence agencies also aligns with what public cybersecurity and AI experts have been warning about for months.

AI models capable of exploiting cybersecurity weaknesses are already available today through multiple channels: older commercial models, open-source versions, or foreign and black-market sources. And while newer models like Mythos are reportedly significantly more powerful for cybersecurity-related tasks, the breakneck pace of frontier model development often means that yesterday’s restricted frontier AI is tomorrow’s free, open-source AI.

Representative Andrew Garbarino, R-N.Y., Chair of the House Homeland Security Committee, said the warning from intelligence agencies “underscores what the Committee has repeatedly heard through roundtables, briefings, and hearings with industry leaders: China is just months, if not now weeks, away from achieving frontier AI capabilities comparable to those of the United States.”

“This threat reinforces the urgency of ensuring that federal agencies and critical infrastructure operators can responsibly leverage advanced U.S. models, and receive the guidance and support necessary to do so, to find vulnerabilities before adversaries can exploit them,” said Garbarino in a statement.”

The agencies flag legacy systems, sluggish patching loops, unnecessary internet connectivity, weak identity and access controls, and a lack of pre-incident planning by organizations as key weaknesses that AI will excel at exploiting.

“The rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years,” the agencies wrote. “We must act before and be prepared to adapt and withstand evolving threats.”

Since large language models burst onto the scene, open-source models have run about 6-8 months behind the largest frontier AI companies.

To give an idea of how quickly the field develops: the capabilities described in the Amazon threat intelligence report that convinced the Trump administration to place export controls on Fable 5 could already be accomplished through older models like Claude Opus and Claude Sonnet, as well as open-source Chinese models.

Anthropic shut down access to their Fable 5 and Mythos 5 models as a result, and despite releasing a statement that they believe the White House decision was a “misunderstanding” the dispute remains resolved.

Programs like Anthropic’s Project Glasswing and OpenAI’s Trusted Access for Cyber Program provide AI systems to organizations for cyberdefense.  The goal is to give defenders a head start in finding and fixing vulnerabilities before AI systems can exploit them routinely in the coming years.

However, for all the fear surrounding the new technology, the recommended guidance is largely the same as it has been for decades. Governments, businesses and leaders must stop treating the digital security of their work as an afterthought or compliance issue.

“Success will come from getting the basics right, acting quickly, and integrating cyber security into core business strategy,” the agencies wrote. “Those that do not will face growing operational and strategic disadvantage.”

06/23/2026: This story was updated to include comment from Rep. Andrew Garbarino, R-N.Y.

The post Intel agencies: Frontier AI models will reshape cybersecurity faster than expected appeared first on CyberScoop.

Paul Schroeder writes: On June 4, 2026 the Department of Commerce issued a new order “Disclosure Avoidance for Statistical Products” (DAO 216-26) that limits the types of privacy protection methods that the Census Bureau and Bureau of Economic Analysis (BEA) can use for their data products. This order subverts processes developed over decades to foster transparency and...

Members of Congress responded with skepticism and caution Tuesday to the Trump administration’s decision to impose export controls on Anthropic’s newest AI models.

The Friday order, which Anthropic said forced it to disable its Fable 5 and Mythos 5 artificial intelligence models, was prompted by what the administration said were national security concerns that a large number of cybersecurity professionals have dismissed as ill-founded.

Several Hill Democrats told CyberScoop they were concerned that the administration’s decision was driven by other considerations. Notably, the administration has feuded with Anthropic over use of its models for domestic surveillance and fully autonomous weapons.

Sen. Angus King, a Maine independent who caucuses with Democrats, said he would need to be convinced it was a legitimate national security order and hadn’t yet seen a full justification.

“What they did was pretty extreme, and I’d want to see what the basis was, as opposed to all the other issues that are swirling around in cybersecurity,” he said. “I’m a little skeptical because of their otherwise announced antipathy to this company.”

Leaders of the House Homeland Security Committee had contrasting takes, with Chairman Andrew Garbarino, R-N.Y., offering a two-pronged response and the top Democrat on the panel, Bennie Thompson of Mississippi, panning the order.

“The administration is right to treat advanced AI cyber capabilities as a national security issue, especially when foreign adversaries and cybercriminals are actively looking for ways to weaponize these tools,” Garbarino said in a statement. “At the same time, we need to make sure our response does not unintentionally disadvantage American companies, allied partners, or critical infrastructure defenders who need access to the best secure tools available in order to protect our networks here at home.”

The United States, not China, needs to set standards for trusted AI, Garbarino said.

But Thompson said the order adds evidence to the appearance that the Trump administration doesn’t “have a coherent plan for mitigating the cybersecurity risks” of frontier AI models, he told CyberScoop in a statement.

“AI regulations should rely on standards and procedures that provide confidence to the public that decisions are based on the evidence and not on politics,” he said. “Instead, the Trump administration has adopted an ad hoc approach where decisions are made by political appointees in the White House rather than experts and where companies are left guessing on how to comply.”

Virginia Sen. Mark Warner, the top Democrat on the Intelligence Committee, had also previously highlighted the administration’s quarrel with Anthropic in response to the order in a statement to CyberScoop.

Behind the scenes, the administration and Anthropic were reportedly continuing to try to forge a truce Tuesday. More broadly, the administration’s AI executive order had a rocky rollout as the administration swung back-and-forth on how involved the government should be.

Some lawmakers deferred on commenting Tuesday, such as Senate Homeland Security Committee Chairman Rand Paul, R-Ky., who told CyberScoop he didn’t have anything to say on the order.

Others said they were still seeking information from the administration.

“I have not had the opportunity to get a brief specifically as to the logic, the reasoning behind it, and so forth,” said Sen. Mike Rounds, the South Dakota Republican who chairs the Armed Services Subcommittee on Cybersecurity. “So I’m going to withhold judgment until I get an opportunity to get the rest of the story, so to speak.”

The post Lawmakers leery about Trump administration’s Anthropic order appeared first on CyberScoop.

While Washington D.C. frets over the potential impact of Anthropic’s Claude Fable 5, security researchers continue to track how the integration of frontier AI tools are transforming the digital security landscape for malicious hackers and defenders alike.

The breakneck speed of model releases may be creating short, silent security gaps for developers who must choose between performance and security, according to a new report.

Researchers at Backslash Security pored through update logs for Claude Code, Anthropic’s flagship coding model, finding the company was patching dozens of newly discovered security vulnerabilities in the program between April and early June 2026.

The logs revealed the details of more than 30 security relevant patches implemented over that timeframe, but Anthropic did not publicize them. Instead, Backslash Security researchers found them by reviewing update logs for every new version of a Claude Code release in the last two months, noted the security-relevant fixes and traced each one back to the version and date it shipped.

The patches included fixes for data poisoning, prompt injection and arbitrary code execution vulnerabilities. One bypassed core safeguards put in place to prevent Claude Code from accepting catastrophic deletions commands, such as erasing an entire codebase, by adding a single backslash to the command. Another leaked user OAuth credentials, while a third allowed an AI agent to plant a backdoor in shell startup files.

There is nothing inherently odd about this: most companies regularly update and patch their software  and anyone who had auto-updates turned on would automatically be switched to the newest, secure version of Claude Code.

But Yossi Pik, co-founder and chief technology officer at Backslash Security, told CyberScoop that the research concluded “the way AI agents are released is different than previous software.”

“We debated internally, because when I originally said I wanted to write about this, I was told ‘Okay, every company has the [same] issue, then they patch and fix,” he said. “This is the nature of software, but I think that what makes this unique is the cadence and frequency of the releases.”

AI companies keep a ferocious pace when updating their models. Claude Code’s changelog indicates there have been 16 different versions through the first half of June, while OpenAI’s Codex was updated 6 times.

Because model updates often bring short-term performance and stability issues, software developers typically wait a week or more before upgrading to a new version.

These time gaps create small windows of vulnerability and force developers to choose between security and performance. The report identifies several reasons why developers don’t automatically update their AI models, including companies that may rely on internal vetting or release schedules, operate in regulated or air-gapped environments where model versions are frozen, and the need to maintain long-running sessions or use manual installations.

Pik said some IT and security teams have also told him they prefer not to install any new version of an AI model without letting it run on other environments first.

“You don’t have that much flexibility, either I go to the latest and I’m getting a less stable version [of the model] or I’m waiting for a few days or a week until I can install it, and hope that nothing would happen during this time,” said Pik.

The Backslash report is not intended as a dig at the security rigor of Anthropic, noting the company tends to “patch fast and document more than anyone” and has addressed every issue and vulnerability identified in the report.

Rather, it’s to highlight the series of mostly silent and persistent security exposures that an organization faces when adopting AI into their workflow.

Other software programs and technology products face similar tradeoffs through different updates, but most of the vulnerabilities detailed in the change log – such as getting an agent to leak data or accept malicious prompts – are unique to large language models and AI systems.

That means integrating AI tools can bring new security problems to an organization, both from outsiders who can poison or influence the model and insiders who can maliciously or accidentally direct the model to access or leak systems, data and identities.

For most Claude Code users, this process runs automatically in the background. Yet Yik points out that just as AI is transforming work itself,  it’s also changing how we need to approach software security and updates.

“It should not be compared to [Microsoft] Office that is installed and gets patched once in a while,” he said. “It’s a completely different beast that keeps evolving, and we don’t want to limit it…I think that it’s great for everyone. We just need to make sure that we do it in a secure way, and every organization should understand what that means for them.”

The post AI’s constant patching treadmill can be a security problem appeared first on CyberScoop.

The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant.

The post Cybercrime Group Claims Novo Nordisk Hack appeared first on SecurityWeek.

By continuously analyzing security, infrastructure, and governance data, TrustCloud aims to give CISOs a real-time view of application risk and board-ready assurance.

The post Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire appeared first on SecurityWeek.

Yesterday, DataBreaches reported that FulcrumSec had hacked Danish pharmaceutical giant Novo Nordisk. FulcrumSec followed up on that reporting by releasing their own very detailed report on their dark web leak site about the incident and what they had acquired. This morning, DataBreaches woke up to find messages waiting on Signal from someone claiming they, too, had hacked...

Source

ISSUE 23.24 • 2026-06-15 WINDOWS 11 By Martin Brinkmann Without a single warning, Microsoft may quietly hijack your local files and hold them hostage in the cloud to upsell you a OneDrive subscription. With a few steps, you can break the link and reclaim your data. Do a quick experiment right now. Open File Explorer, […]

The U.S. government on Friday ordered Anthropic to immediately suspend foreign access to Fable 5 and Mythos 5, its two most advanced artificial intelligence models, citing national security concerns tied to a reported method of bypassing the models’ safety restrictions. 

The directive, issued late Friday afternoon by Secretary of Commerce Howard Lutnick in a letter to Anthropic Chief Executive Dario Amodei, placed the two models under export controls that prohibit use by foreign nationals, whether inside or outside the United States. 

Because of the scope of the restrictions, which includes foreign-born Anthropic employees, the company announced Friday evening that it disabled the models to ensure compliance. Access to the company’s other AI models was not affected. 

Fable 5 and Mythos 5 had been released earlier this week, with Anthropic describing them as the most capable systems it had ever deployed. Mythos was available to members of Project Glasswing, which allowed selected cybersecurity companies to use the model to identify and address security flaws.

It’s unclear how the Commerce Department action affects Project Glasswing. Anthropic did not respond to a request for comment.

The Commerce Department‘s letter did not detail the specific national security concern. In its blog post Friday night, the company said its understanding is that the government became aware of a technique for “jailbreaking” Fable 5, a term for methods that circumvent a model’s built-in safety guardrails. According to Anthropic, the government provided only verbal evidence of what it described as a “narrow, non-universal jailbreak,” which essentially involved prompting the model to read a specific codebase and identify software flaws. 

Anthropic disputed the severity of the finding. The company said it reviewed a report it believes formed the basis of the government’s directive and found that the capabilities demonstrated were already available in other publicly accessible models, including OpenAI’s GPT-5.5. The company said those same capabilities are used routinely by cybersecurity professionals for defensive purposes. 

Katie Moussouris, chief executive of the cybersecurity firm Luta Security, posted on BlueSky Saturday that the issue stems from “Defense Oriented Prompting,” a security-first method of engineering AI system instructions that treats natural language as code.

Other reports claimed that Amazon was responsible for flagging the security issues in the model. The company did not respond to CyberScoop’s request for comment. 

Anthropic acknowledged in its statement that perfect jailbreak resistance is not achievable for any model provider, and said it had designed Fable 5 around a “defense in depth” strategy, combining narrow jailbreak resistance with active monitoring. The company said no testers had found a universal jailbreak capable of broadly bypassing the model’s safeguards. 

“We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people,” Anthropic wrote. “If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers.”

Friday’s directive is the latest episode in a prolonged dispute between Anthropic and the Trump administration. In February, President Donald Trump moved to bar Anthropic’s products from federal agencies after the company sought stronger restrictions on how the Pentagon used its technology.

Despite that, as Anthropic released Mythos under Project Glasswing, the National Security Agency was given Mythos 5 to conduct offensive cyber operations. Earlier this month, Trump signed an executive order directing federal agencies to bolster cyber defenses and establish a voluntary mechanism for the government to gain early access to powerful AI models before deployment. 

The administration’s stated rationale for Friday’s action drew widespread skepticism from researchers and analysts. Dean Ball, a senior fellow at the Foundation for American Innovation, called the move “baffling.” Chris McGuire, a senior fellow at the Council on Foreign Relations, said targeted export controls on model access could be a legitimate policy tool, but called the across-the-board restriction “highly questionable” and the deemed export provisions — which restrict foreign nationals inside the U.S. — “just absurd.” 

The broader implications for the AI industry remain uncertain. Aaron Levie, chief executive of Box, described the directive as “a big turning point for AI regulation,” arguing that the government’s willingness to deem specific models too powerful for certain uses establishes a precedent with potentially far-reaching consequences.

Other tech leaders in the government supported the action. 

“We fully support @POTUS and @SecWar in prioritizing national security and the security of our warfighters, DIB partners, critical infrastructure, international partners and allies,” DOD CIO Kirsten Davies wrote in a social post on X. “Some things are simply more important than revenue cycles, clickbait, and pre-IPO valuation. America First. Always.”

Anthropic said it believes the situation stems from a misunderstanding and is working to restore access as soon as possible.

The post Anthropic disables new models after government calls them a national security concern appeared first on CyberScoop.

Anthropic takes Fable 5 and Mythos 5 offline to comply with a directive from the Trump administration to prevent use by foreign nationals.

The post Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls appeared first on SecurityWeek.

An AI hacker claims to have achieved a prompt-based jailbreak shortly after Fable 5’s launch, but Anthropic says it’s not a real jailbreak.

The post Anthropic Disputes Fable 5 AI Jailbreak appeared first on SecurityWeek.

As alert volumes outpace human capacity, organizations are turning to AI, automation, and deeper context to separate real threats from the noise.

The post Alert Fatigue Is Becoming a Security Threat of Its Own appeared first on SecurityWeek.

Claroty researchers have analyzed the security of Vertiv UPS network cards and the Trane Tracer SC+ HVAC controller.

The post Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers appeared first on SecurityWeek.

Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.

The post After AI Reaches Production: 12 Ways Security Teams Can Take Control appeared first on SecurityWeek.