A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices. A group of researchers from the University of Toronto has demonstrated how open-source artificial intelligence…
Hackers Abuse TikTok and Instagram Reels to Spread Malware via Fake Free Software Tutorials
Cybercriminals are now turning to short-form video platforms as a new attack surface, using fake software tutorials on TikTok and Instagram Reels to push malware onto unsuspecting users. The tactic is simple but remarkably effective: create polished, convincing videos that…
Hackers Deploy MLTBackdoor Malware via Multi-Stage ClickFix Infection Chain
A newly discovered backdoor malware called MLTBackdoor is making waves in the cybersecurity community after being spotted in a carefully designed, multi-stage attack chain. Identified in May 2026, this threat stands out for its advanced ability to hide from security…
Anthropic’s Claude Fable 5 is out for public use, with safeguards for high-risk requests
Days after publishing research on how advanced AI systems could amplify cyber operations in the wrong hands, Anthropic released Claude Fable 5, a Mythos-class model for general use. “Releasing a model this capable comes with risks. Without safeguards, Fable 5’s…
F5 adds AI-powered threat detection and API security for on-premises environments
F5 has introduced new web application and API protection (WAAP) capabilities for its Application Delivery and Security Platform. The company said the updates are intended to address a threat landscape in which AI models can accelerate the time between vulnerability…
Residents Sue xAI, SpaceX Over Data Centre Turbines
Mississippi residents file class-action lawsuit against xAI, parent SpaceX over Colossus turbines that cause near-constant noise and vibration This article has been indexed from Silicon UK Read the original article: Residents Sue xAI, SpaceX Over Data Centre Turbines
Critical Vulnerabilities Patched in Fortinet, Ivanti Products
Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution. The post Critical Vulnerabilities Patched in Fortinet, Ivanti Products appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Critical…
Every set of AI guardrails can be broken by the right prompt
Companies that build AI systems wrap them in guardrails meant to block harmful output, including deepfakes, malware, and instructions for making biological weapons or illicit drugs. When a user prompts the system for such content, the guardrails are designed to…
Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but by a layer of safety…
Scammers Are Inserting Fake Retail Sites Into ChatGPT Shopping Results
Cloned retail websites are appearing in ChatGPT shopping results, according to the scam-checking service Ask Silver. Thank you for being a Ghacks reader. The post Scammers Are Inserting Fake Retail Sites Into ChatGPT Shopping Results appeared first on gHacks. This…
How has use of framing protection security headers changed in the past 3 years?, (Wed, Jun 10th)
Back in 2023, I wrote a diary[1] discussing how commonly X-Frame-Options and CSP headers containing the frame-ancestors directive were used on 1 million most popular domains on the internet (based on the Tranco list[2]), and how they were set. Given…
Apollo, Blackstone Fund $35bn Anthropic Chip Deal
Fund managers lead massive credit round to fund Anthropic’s purchase of Google-developed chips from Broadcom, as AI build-out continues This article has been indexed from Silicon UK Read the original article: Apollo, Blackstone Fund $35bn Anthropic Chip Deal
Malicious npm Package ‘dbmux’ Targets Developers
Malware was discovered in the npm package dbmux. Any computer with this package installed or running should be considered fully compromised. The GitHub Advisory (GHSA-62wx-5f55-w8g2) characterizes the incident as severe: any machine with dbmux installed or executing it should be…
France’s Government Messaging App Tchap Got Breached
France’s government chat app Tchap was breached after a single account was compromised, exposing messages and data from public channels. Tchap, the encrypted messaging platform developed by the French government for its civil servants and made mandatory last year, was…
EU Orders Meta To Open WhatsApp To AI Rivals
Interim measure gives Meta five days to restore free access to AI tools, after Meta launches its own business agent on WhatsApp This article has been indexed from Silicon UK Read the original article: EU Orders Meta To Open WhatsApp…
US Adds Alibaba, Baidu, BYD, Unitree To Military List
US Defence Department adds major Chinese tech firms to list designating them as military entities, in move that could pave way for sanctions This article has been indexed from Silicon UK Read the original article: US Adds Alibaba, Baidu, BYD,…
Meta Says NSO Still Targeting WhatsApp Users
Facebook parent Meta says NSO Group violates court order barring it from targeting WhatsApp users with commercial Pegasus spyware This article has been indexed from Silicon UK Read the original article: Meta Says NSO Still Targeting WhatsApp Users
Windows Defender Zero-Day “RoguePlanet” Lets Attackers Gain SYSTEM Privileges
A newly disclosed zero-day vulnerability dubbed “RoguePlanet” is affecting Microsoft Defender, allowing attackers to escalate privileges and obtain full SYSTEM-level access on vulnerable Windows machines. A security researcher recently published the issue under the alias “MSNightmare,” who released a proof-of-concept…
Windows BitLocker 0-Day Flaw Enables Security Feature Bypass Attacks
Microsoft has disclosed a newly identified zero-day vulnerability in Windows BitLocker that could allow attackers to bypass one of the operating system’s core disk encryption protections. The flaw, tracked as CVE-2026-50507, has been classified as an “Important” severity issue and…
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact
In addition, Rockwell Automation announced some enhancements to its SecureOT cybersecurity solution for OT. The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Microsoft Fixes 200 CVEs in June Patch Tuesday
Microsoft has patched 200 vulnerabilities including three zero-days This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes 200 CVEs in June Patch Tuesday
OpenClaw AI Agent Leaks Credentials in Phishing Simulation
Autonomous email agents can become high‑impact phishing victims, leaking cloud credentials and sensitive business data even when wrapped in explicit safety instructions. In a controlled lab deployment on the OpenClaw agent platform, an AI agent dubbed “Pinchy” failed multiple classic…
ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June 5, 2026, ServiceNow applied a security update to hosted customer instances,” the company revealed in…
Fable 5, Tchap hacked, CISA priorities
Anthropic releases Claude Fable 5 French government messaging service breached CISA rethinking risk evaluations Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-fable-5-tchap-hacked-cisa-priorities/ Thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar…