Cybersecurity

Core Summary Anthropic has suspended all customer access to its latest AI models, Claude Fable 5 and Mythos 5, after US national security authorities identified “jailbreak” vulnerabilities. The company stated it was “ordered to suspend foreign nationals from using Claude Fable 5” and that “the net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance.” This marks the latest escalation in Anthropic’s ongoing conflict with the Trump administration, after the Pentagon labeled the company a “supply chain risk.” ...

WhatsApp has announced the discovery of new spyware attacks linked to Israel’s NSO Group, allegedly in violation of court orders. The incident has reignited debate over surveillance technology abuse and communication security.

[Core Summary] Microsoft has confirmed that some of its open source development tools were compromised in a hacking incident, with attackers successfully stealing login credentials from multiple AI developers. The full scope of the breach remains unclear, but the event has triggered heightened concern across the tech industry about open source supply chain security. Microsoft is urgently investigating which specific tools were affected and advising all related developers to change their passwords immediately. ...

USB Speaker Vulnerability Allows PC Infection Without User Interaction Security researchers have discovered a novel attack vector dubbed “Pwnd Blaster” that exploits Bluetooth speakers manufactured by Creative to compromise connected PCs without any user interaction. The vulnerability allows attackers to infiltrate computers simply by being within Bluetooth range of the speaker, which is connected to the PC via USB. The exploit targets a firmware vulnerability in Creative’s popular Bluetooth speaker line, which sells for approximately three hundred dollars. When the speaker is connected to a PC via USB for charging or audio input, the compromised firmware can execute arbitrary code on the host system through the USB interface, effectively turning the speaker into a stealthy attack platform. ...

According to TechCrunch, Microsoft is facing widespread criticism for threatening a security researcher with criminal investigation after the researcher discovered vulnerabilities in Microsoft systems. The incident has sparked concerns about how tech giants treat the independent security research community.

[Flash] Global Cyber Attack Disrupts Canvas Platform at Thousands of Schools A hacking group has breached Canvas, the widely used educational software, disrupting online learning systems at thousands of universities and schools worldwide. The attack affected core functions including assignment submission, exams, and course management. Cybersecurity experts warn that the education sector is increasingly a prime target for cyber attacks. Source: BBC World

A large-scale international cyber attack simultaneously disrupted IT systems at universities and schools across the United States and Europe, affecting teaching and administration.

A large-scale cyber attack hit educational institutions across multiple US states, causing widespread disruption to university and school systems affecting hundreds of thousands of students and staff.

Canadian election authorities implanted ‘canary traps’ — unique false data records — in voter databases, successfully tracking and identifying unauthorized internal access to sensitive voter data.

Latest tests from the US AI Safety Institute (AISI) show that OpenAI’s GPT-5.5 performs on par with the much-hyped Mythos Preview in cybersecurity capability tests, suggesting AI cyber threats are not ‘a breakthrough specific to one model.’