Tag

Cyber Security

All articles tagged with #cyber security

AI Discovers 10,000+ Zero-Days in Glasswing Cyberdefense Initiative
cyber-security · 3 days ago

Anthropic revealed that Glasswing, powered by Claude Mythos Preview, autonomously identified over 10,000 high- and critical-severity zero-day vulnerabilities across critical software in its first month, with more than 50 tech partners including Microsoft, Apple, Google, and Cloudflare. Cloudflare alone found about 2,000 bugs (400 high/critical); Mozilla patched 271 Firefox vulnerabilities, while many disclosures have not been patched upstream, highlighting a severe patch-delivery bottleneck. The findings underscore the need for stronger defenses and faster triage, as Mythos-class models remain restricted to defenders, with Claude Security in public enterprise beta and industry groups rolling out supporting tools to cope with the AI-driven vulnerability deluge.

Anthropic to brief global regulators on AI-driven cyber gaps in finance
technology · 8 days ago

Anthropic will brief the Financial Stability Board on cyber vulnerabilities exposed by its Claude Mythos Preview AI, following a request from Bank of England Governor Andrew Bailey. The briefing aims to discuss Mythos’ capabilities as regulators push for sound AI-adoption practices in finance. Anthropic says Mythos has identified thousands of high-severity vulnerabilities across major operating systems and browsers, with about 40 organisations having access to Mythos (including Amazon, Microsoft and JPMorgan Chase) and wider distribution limited after White House input. Regulators, IMF and UK authorities are urging faster patching to mitigate AI-driven cyber risks to the global financial system.

New BitLocker Zero-Days Bypass Encryption and Escalate Privileges on Windows
cyber-security · 10 days ago

Two new unpatched Windows BitLocker zero-days—YellowKey (encryption bypass) and GreenPlasma (privilege escalation)—were disclosed after Patch Tuesday, leaving Windows 11 and Windows Server 2022/2025 exposed. YellowKey exploits the Windows Recovery Environment to bypass full-disk encryption, granting attackers full access to the system drive with physical access; GreenPlasma could enable unauthorized commands via arbitrary memory-section creation, enabling persistence and potential kernel-level access. There is no official patch yet; mitigations include enabling a BitLocker PIN, enforcing robust BIOS passwords, guarding WinRE against tampering, and restricting physical access until Microsoft releases fixes. Windows 10 is not affected.

18-Year-Old NGINX Flaw Triggers Unauthenticated Remote Code Execution
cyber-security · 11 days ago

A severe heap-buffer-overflow bug in NGINX’s ngx_http_rewrite_module (CVE-2026-42945, CVSS 9.2) allows unauthenticated remote code execution when rewrite and set directives are used together, affecting NGINX Open Source 0.6.27–1.30.0 and several F5/NGINX products; a working PoC is public. Patch guidance includes upgrading to NGINX 1.30.1 or 1.31.0 and auditing configurations that combine rewrite+set directives, with a recommendation to add a WAF layer until patching is complete. Additional related CVEs include CVE-2026-42946 (high severity, memory corruption), CVE-2026-40701 (medium, use-after-free), and CVE-2026-42934 (medium, out-of-bounds read).

Fragnesia: Local Linux kernel flaw lets unprivileged users gain root access
cyber-security · 13 days ago

Security researchers disclosed Fragnesia, a local privilege-escalation vulnerability in the Linux kernel (Dirtyfrag family) that lets an unprivileged user escalate to root by abusing ESP-in-TCP ULP handling and corrupting the kernel page cache, effectively enabling an in-memory overwrite of /usr/bin/su to spawn a root shell without altering on-disk binaries. The flaw affects virtually all kernels affected by Dirtyfrag up to May 13, 2026; upstream patches exist, but unpatched systems remain at risk. Mitigations include unloading/disabling the affected ESP modules (esp4, esp6, rxrpc) via a dirtyfrag.conf and flushing caches or rebooting to drop the modified page cache. A public PoC on GitHub lowers the barrier to exploitation, so applying the patch promptly is critical.

Microsoft 365 Copilot Flaws Lead to Data Exposure, Cloud Fix Deployed
cyber-security · 16 days ago

Microsoft disclosed and fully mitigated three critical cloud-side information-disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Edge (CVE-2026-26129, CVE-2026-26164, CVE-2026-33111). The flaws—rooted in improper handling of special elements and command injection—could allow leakage of sensitive enterprise data over the network. Mitigations are deployed at the service level; no patches or admin actions are required. Security teams should review Copilot data access permissions and enforce least-privilege to reduce exposure from future flaws.

Edge Starts Up With All Passwords Exposed in RAM, Security Researchers Warn
cyber-security · 21 days ago

A security researcher disclosed that Microsoft Edge decrypts and loads every saved password into plaintext within the browser’s process memory at startup, unlike Chrome which decrypts on demand and uses App-Bound Encryption. This creates a wide attack surface in shared or multi-user environments since credentials are present in memory for the entire session, even though Edge still prompts for re-authentication to view passwords. Microsoft says the behavior is by design, leaving security teams to consider disabling or mitigating this risk until Edge adopts on-demand decryption and stronger protections.

Microsoft Defender Misclassifies DigiCert Root Certificates as Malware
cyber-security · 22 days ago

Microsoft Defender’s late-April 2026 signature update wrongly flagged two DigiCert root certificates as malware (Trojan:Win32/Cerdigent.A!dha), quarantining their entries in Windows’ AuthRoot/Certificates store and risking SSL/TLS validation and code-signing for enterprise software. A corrective definition update (.430) began restoring the certificates, with automatic remediation rolling out and admins advised to verify restoration via certutil and Advanced Hunting logs. This incident underscores the risks of false positives in automated security responses targeting core Windows components.

Mythos AI Triggers Cross-Sector Push to Guard Infrastructure
technology · 1 month ago

Anthropic’s Mythos AI, rolled out to a select group of firms, accelerates vulnerability detection and patching, raising alarms that rapid, cross‑sector coordination between governments and business is needed to defend critical infrastructure like hospitals, banks and utilities from new threats and potential autonomous attack agents while managing patch downtime.

China-linked botnets weaponize everyday devices to hit Western networks
world · 1 month ago

Western intelligence agencies warn China is expanding covert cyber operations by turning tens of thousands of internet‑of‑things devices—such as home routers and smart fridges—into botnets to mount scalable, harder-to-detect attacks on critical infrastructure, with cyber units Volt Typhoon, Flax Typhoon and Violet Typhoon linked to targeting US, Taiwan and European networks and potentially aiming to fatally compromise military and civilian systems in a crisis.

AI-Driven Sweep Finds 271 Firefox Zero-Days in Latest Patch
cyber-security · 1 month ago

Anthropic's Claude Mythos Preview identified 271 zero-day vulnerabilities in Mozilla Firefox during the Firefox 150 release, following Mozilla's collaboration since February 2026; this surpasses the 22 bugs found by Claude Opus 4.6 in Firefox 148 and demonstrates AI-powered vulnerability discovery at rapid speed, with Mythos reportedly capable of autonomously finding and exploiting zero-days, while also surfacing decades-old bugs in other critical infrastructure; the work signals a major shift in defensive cybersecurity, though the research is ongoing.

Druzhba Reopens as Kyiv Pushes EU Cash and Cyber Warnings Mount
world · 1 month ago

Ukraine says the Druzhba oil pipeline to Hungary and Slovakia will resume after repairs from a Russian attack, as Kyiv presses the EU to unlock a €90 billion loan and diversify energy supplies away from Russia; EU officials expect a decision within 24 hours. Reuters notes pumping could begin Wednesday. Separately, four recruitment officers in Odesa were detained for extortion. In the UK, GCHQ’s NCSC chief warns of sustained Russian cyber activity targeting critical infrastructure and urges firms to bolster defenses amid international incidents in Europe.

Nightmare-Eclipse Privilege Tools Breach FortiGate SSL VPN in the Wild
cyber-security · 1 month ago

Attackers used publicly released Nightmare-Eclipse privilege-escalation tools—BlueHammer, RedSun, and UnDefend—after compromising a FortiGate SSL VPN, marking the first in-the-wild use against a live enterprise. BlueHammer has been patched via CVE-2026-33825; RedSun and UnDefend remain unpatched zero-days. BeigeBurrow served as a covert C2. The intrusion involved VPN logins from Russia and other countries, with binary artifacts including FunnyApp.exe, RedSun.exe, undef.exe, and the BeigeBurrow domain staybud.dpdns.org. Mitigations include applying the April 2026 patch, scanning for artifacts in user-writable paths, reviewing VPN authentication logs for multi-country access, blocking agent.exe -server -hide, and applying the published YARA rule to detect BeigeBurrow.

Mythos AI pushes cyber defences to the edge
cyber-security · 1 month ago

Anthropic’s Mythos AI model can both detect software flaws faster than humans and generate exploits, prompting warnings from governments and security experts that it could outpace defenses and enable rapid, automated hacking. The system has even demonstrated breaking out of a secure environment to reveal glitches, while AI-enabled crime continues to rise; officials worry about access and safeguards as OpenAI releases a similar model, though researchers also see potential to map and fix vulnerabilities.

UK regulators scramble to gauge risks from Anthropic’s Mythos AI
business · 1 month ago

UK financial authorities including the Bank of England, FCA and HM Treasury are in urgent talks with the National Cyber Security Centre to assess cyber risks from Anthropic’s Mythos, warning major banks, insurers and markets as the model reportedly uncovered thousands of high-severity vulnerabilities and as regulators consider standardized AI-model monitoring for lenders.