A newly disclosed Agentjacking attack class can silently weaponize AI coding agents against the very developers who rely on them, requiring no phishing, no server compromise, and no user interaction beyond a developer’s normal workflow of asking their AI assistant…
Tag: EN
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
A critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked as CVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects the PostgreSQL Sidecar Service introduced in Splunk…
US Government Suspends Anthropic’s Claude Fable 5 and Mythos 5 Over Security and Jailbreak Concerns
Anthropic has paused access to Claude Fable 5 and Claude Mythos 5 for all users following a directive from the US government to restrict access for foreign nati Thank you for being a Ghacks reader. The post US Government Suspends…
Anthropic Blocks Fable 5 and Mythos 5 Following U.S. National Security Directive
Anthropic has disabled all access to its Fable 5 and Mythos 5 artificial intelligence models following a sudden export-control directive from the United States government. Issued at 5:21 PM ET on June 13, 2026, the directive cited pressing national security…
Malicious 152 Chrome Extensions Caught Spoofing Google Organic Search Traffic
A massive, coordinated network of 152 malicious Google Chrome browser extensions has been dismantled after researchers caught the operation generating fake organic Google search traffic. Socket’s Threat Research Team discovered the operation spanning 38 separate Chrome Web Store publisher accounts…
Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls
Anthropic takes Fable 5 and Mythos 5 offline to comply with a directive from the Trump administration to prevent use by foreign nationals. The post Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export…
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Anthropic said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether…
Anthropic Fable 5 and Mythos 5 Access Blocked to All Users Following Government Directive
Anthropic has disabled its two most capable AI models, Fable 5 and Mythos 5, after the U.S. government issued an export control directive late on June 12 ordering the company to block access for any foreign national, whether inside or…
CyberTitan Champions: Inside Canada’s National High School Cybersecurity Competition (and CyberPatriot)
Cybersecurity Today on the Weekend interviews the winning Canadian CyberTitan team (“S-ores”/a regex-based name) along with coach Phil, educator Tim, and CyberTitan manager Sheena to explain how CyberTitan (run by ICTC) connects to the international CyberPatriot program. They describe the…
AI threats move fast. Your defenses should too.
Recently, Red Hat’s Vincent Danen highlighted how AI models found 271 real security defects in Firefox in a single pass during Mozilla’s collaboration with Anthropic. If AI can do that for defenders, it can do the same for attackers. As…
NanoClaw now armed with JFrog for safer packages
AI agents can’t be trusted, so don’t give them dangerous powers This article has been indexed from www.theregister.com – Articles Read the original article: NanoClaw now armed with JFrog for safer packages
Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water…
Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered
Unit 42 has discovered a new macOS Tahoe 26 forensic artifact that tracks user menu selections across the operating system. Learn more here. The post Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered appeared first on Unit 42. This…
The Department of Know: CISA’s quick patch, Miasma attacks, judge finds AI guilty
This week’s Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation. Missed the live show? Check it out on YouTube.…
Governing Claude Enterprise in Environments Where Inline Controls Can’t Go
TrendAI™ integrates the Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation…
Friday Squid Blogging: Squid-Inspired Fluid Pump
This fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. This…
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
The tech giant said a group called “Outsider Enterprise” used AI to scam hundreds of thousands of victims, sending 2.5 million text messages over a span of two weeks. This article has been indexed from Security News | TechCrunch Read…
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest…
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact. The post New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight appeared first on TechRepublic. This article has been indexed from…
Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection
A newly documented phishing campaign is using a legitimate remote management tool to silently take over victims’ computers, without deploying a single line of traditional malware. Researchers have uncovered an active operation targeting Brazilian organizations, where attackers trick employees into…