The Cyber Resilience Act1 (“CRA”) is the first EU-wide regulation mandating minimum cybersecurity standards for all connected products sold on the internal market. It makes cybersecurity a mandatory product feature, requiring manufacturers to implement “security by design” and maintain robust update and vulnerability management processes throughout a product’s lifecycle. In this article, we outline the most […]
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most “systemically” important software across the world since the cybersecurity initiative went live last month. Project Glasswing is a defensive effort launched by the artificial intelligence (AI) company to secure critical global software infrastructure. […]
A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart, released by OpenAI late last month (openai/privacy-filter), including copying the entire description verbatim to trick unsuspecting […]
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. between April and December 2023. The two defendants, who pleaded guilty to their crimes in December 2025, conspired with Angelo Martino, 41, of Florida, to conduct the attacks. “The three men agreed […]
PhantomRPC, a newly identified architectural vulnerability in Windows Remote Procedure Call (RPC) that enables local privilege escalation to SYSTEM-level access, potentially affecting every version of Windows. The research was presented by Kaspersky application security specialist Haidar Kabibo at Black Hat Asia 2026 on April 24 and details five distinct exploitation paths, none of which have […]
In recent weeks, the AI world has been a-buzz following claims made by leading firm, Anthropic, regarding its new model, Claude Mythos. The company says it found the tool can outperform humans at some hacking and cyber-security tasks, which has prompted discussions by regulators, legislators and financial institutions about the dangers it could pose to […]
In June 2024, a cyber-attack on a pathology services company caused chaos across London’s hospitals. More than 10,000 appointments were cancelled. Blood shortages followed and delays to blood tests led to a patient’s death. Lethal cyber-attacks like this are thankfully rare. But a new AI release could change that – plunging us into a terrifying new […]
Artificial intelligence (AI) is moving rapidly from experimentation into the operational core of the economy. Systems that once analyzed information are now guiding decisions, executing tasks and interacting with other digital systems with minimal human oversight. This shift is transforming not only how businesses operate but also how they must think about security, governance and risk. A new national […]
Anthropic didn’t intend to introduce Mythos this way. Details of what it calls its most capable AI model yet surfaced through a data leak in its content management system (CMS), revealing a LLM with sharply improved reasoning and coding skills. The data leak, which was the result of the company’s staffers inadvertently exposing material about […]
If you’re feeling numb to the endless cycle of data breaches and hacks, you aren’t alone. At the RSAC 2026 Conference in San Francisco, four former directors for the US’s National Security Agency gave their view on today’s cyberthreats, including whether the American public “even cares about cyber anymore?” “So I think we’ve become numb […]