cybersecurity
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
Anthropic appears to be preparing for the public rollout of “Mythos,” which was announced in April as a restricted model that poses major security risks to private and public software. On April 7, Anthropic announced the Mythos in early preview and called it a new frontier model with strikingly advanced capabilities in computer security tasks. Anthropic […]
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). According to the FBI PSA, Kali365 first emerged in April 2026 and is distributed via Telegram channels for cybercriminals seeking an easier way […]
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
Kali Linux 2026.1, the first release of the year, is now available for download, featuring 8 new tools, a theme refresh, and a new BackTrack mode for Kali-Undercover. Kali is a Linux distribution designed for ethical hackers and cybersecurity professionals, with tools for red teaming, penetration testing, network research, and security assessments. This distribution is […]
FCC bans new routers made outside the USA over security risks
The Federal Communications Commission has updated its Covered List to include all consumer routers made in foreign countries, banning the sale of new models in the U.S. The Covered List, created under the Secure and Trusted Communications Networks Act of 2019, is an FCC-maintained list of communications equipment and services that the U.S. government has […]
Apple pushes first Background Security Improvements update to fix WebKit flaw
Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade. The CVE-2026-20643 flaw allows malicious web content to bypass the browser’s Same Origin Policy. Apple says the flaw is a cross-origin issue in the Navigation API that was addressed […]
Microsoft: Hackers abusing AI at every stage of cyberattacks
Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack. According to a new Microsoft Threat Intelligence report, attackers are using generative AI tools for a wide range of tasks, including reconnaissance, phishing, infrastructure development, malware creation, […]
Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks
Apple has released security updates to fix a zero-day vulnerability that was exploited in an “extremely sophisticated attack” targeting specific individuals. Tracked as CVE-2026-20700, the flaw is an arbitrary code execution vulnerability in dyld, the Dynamic Link Editor used by Apple operating systems, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. Apple’s security bulletin warns […]
EU plans cybersecurity overhaul to block foreign high-risk suppliers
The European Commission has proposed new cybersecurity legislation mandating the removal of high-risk suppliers to secure telecommunications networks and strengthening defenses against state-backed and cybercrime groups targeting critical infrastructure. This move follows years of frustration over the uneven application of the EU’s voluntary 5G Security Toolbox, introduced in January 2020 to encourage member states to limit reliance […]
UK announces plan to strengthen public sector cyber defenses
The United Kingdom has announced a new cybersecurity strategy, backed by more than £210 million ($283 million), to boost cyber defenses across government departments and the wider public sector. The new measures are part of the Government Cyber Action Plan that establishes a dedicated Government Cyber Unit to coordinate risk management and incident response, aiming to make online public services more […]
Hackers claim to hack Resecurity, firm says it was a honeypot
Threat actors associated with the “Scattered Lapsus$ Hunters” (SLH) claim to have breached the systems of cybersecurity firm Resecurity and stolen internal data, while Resecurity says the attackers only accessed a deliberately deployed honeypot containing fake information used to monitor their activity. Today, threat actors published screenshots on Telegram of the alleged breach, claiming they stole […]