CyberScoop.com
- Get link
- X
- Other Apps
"Researchers say AI just broke every benchmark for autonomous cyber capability."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 13 May 2026, 2324 UTC.
Content and Source provided by email subscription from https://feedly.com.
https://feedly.com/i/subscription/content/feed%2Fhttps%3A%2F%2Fwww.cyberscoop.com%2Ffeed%2F
Please check subscription link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
63
Today
by Greg Otto / 48min
Two of the most advanced artificial intelligence models — Anthropic’s Claude Mythos Preview and OpenAI’s GPT-5.5 — have significantly surpassed the already-accelerating pace at which AI systems are completing autonomous cybersecurity tasks, according to separate findings published Wednesday by the United Kingdom’s AI Security Institute (AISI) and Palo Alto Networks. The AISI, which conducts pre-d
by Tim Starks / 1h
The House Homeland Security Committee is digging into Anthropic’s AI model Mythos in a series of briefings and hearings, as questions proliferate on whether and how the federal government will make use of the technology touted for its ability to autonomously uncover cyber vulnerabilities. Wednesday brought a closed-door briefing for the House Homeland Security Committee from Anthropic. The chairm
The Trump administration released a legal opinion outlining the legal rationale behind its nationwide voter data collection efforts, justifying an aggressive federal role in vetting voter eligibility, a position courts have repeatedly rejected in related litigation. The memo , released Tuesday by the Department of Justice Office of Legal Counsel, concedes that while election administration is “pr
by Wyatt Kash / 4h
Today’s enterprise executives are navigating a complex landscape of AI-driven challenges, but none is more urgent than the rapid escalation of AI-generated fraud. Fraudsters are weaponizing generative AI to automate impersonation and mass-produce synthetic identities at a scale and pace that is rendering enterprises’ long-standing defenses obsolete. This is no longer a slow-moving game of cat and
OpenAI has unveiled Daybreak, a cybersecurity initiative that combines the company’s large language models with its Codex agentic framework to help organizations identify, patch, and validate software vulnerabilities across the development lifecycle. The platform is built around three model tiers: GPT-5.5 for general-purpose use, GPT-5.5 with Trusted Access for Cyber for verified defensive securi
Yesterday
A rapidly spreading malware campaign has infected hundreds of software packages across major open-source registries, embedding credential-stealing code into development tools downloaded millions of times a week. The attack, referred to as “mini Shai-Hulud,” targeted prominent software libraries, including TanStack, UiPath, and MistralAI. TanStack’s React Router package alone accounts for more tha
by Tim Starks / 1d
A group of international government agencies released guidance Tuesday on what they believe any artificial intelligence “ingredients list” tool should include to make AI more secure. The concept of such a list, known as a “software bill of materials (SBOM),” is to know everything that goes into a particular piece of software so that any supply chain risks are easier to identify. There’s been a gr
Microsoft addressed another triple-digit batch of vulnerabilities cutting across its various enterprise products, components and underlying systems. Yet despite the high number of defects, the vendor reported no actively exploited zero-days in this month’s Patch Tuesday update . Thirteen of the 137 vulnerabilities Microsoft disclosed were assigned critical CVSS ratings, including a pair of vulner
by Tim Starks / 1d
Google launched a feature for Android phones Tuesday for dedicated forensic logs about intrusions from sophisticated attacks like those by spyware vendors, in what design partners at Amnesty International hailed as an important first. The tech giant has been ramping up the new feature, Intrusion Logging, since last year , and has now begun rolling it out. “The new intrusion logging feature promis
by Greg Otto / 1d
If you had time to walk the expo floor at this year’s RSA Conference, it was impossible to miss the shift in our industry. Artificial intelligence has moved from an emerging layer to the foundation of what powers cybersecurity companies. But from our vantage point as investors who work closely with founders and operators, the bigger shift is how AI is changing how these companies are formed, fund
May 11, 2026
Instructure, the company behind Canvas, said it reached an agreement with the cybercriminals who threatened to leak a trove of sensitive data they claim was stolen during a prolonged cyberattack on the widely used education tech platform. Pressure was mounting on the company as widespread outages left schools, students and teachers temporarily unable to access critical data late last week when th
Google researchers found a zero-day exploit developed by artificial intelligence and alerted the susceptible vendor to the imminent threat before a well-known cybercrime group initiated a mass-exploitation campaign, the company said in a report released Monday. The averted disaster probably isn’t the first time attackers used AI to build a zero-day, but it is the first time Google Threat Intellig
by Greg Otto / 2d
The average cyberattack costs for a small- or medium-size business is more than $250,000 . The salary for a chief information security officer (CISO) is about the same, pulling in between $250,000 and $400,000, according to the annual 2026 CISO Report from Sophos and Cybersecurity Ventures. Small- and medium-size businesses (SMBs) know they cannot afford the salary, so they roll the dice, hoping
May 8, 2026
by Tim Starks / 5d
The Senate’s top Democrat called on the Department of Homeland Security Friday to work closely with state and local governments to defend against artificial intelligence-strengthened hacks. Senate Minority Leader Chuck Schumer, D-N.Y., wrote to DHS Secretary Markwayne Mullin to make sure state, local, tribal and territorial (SLTT) governments aren’t left behind as AI models advance, posing new ha
The post appeared first on CyberScoop .
4 TTPs
by djohnson / 5d
As businesses and governments turn to AI agents to access the internet and perform higher-level tasks, researchers continue to find serious flaws in large language models that can be exploited by bad actors. The latest discovery comes from browser security firm LayerX, involving a bug in the Chrome extension for Anthropic’s Claude AI model that allows any other plugin – even ones without special
May 7, 2026
Attackers are hitting Ivanti customers yet again — circling back to a common target and consistently susceptible vendor in the network edge space — by exploiting a zero-day vulnerability in one of the company’s most besieged products. Ivanti warned customers that attackers have successfully exploited CVE-2026-6973 , an improper input validation defect in Ivanti Endpoint Manager Mobile (EPMM) that
by Tim Starks / 6d
The Trump administration is redirecting a cybersecurity scholarship program that requires recipients to work in government service toward artificial intelligence, leaving some current program scholars dismayed and bewildered. In an email to participating school program coordinators obtained by CyberScoop, the Office of Personnel Management and National Science Foundation said the CyberCorps Schol
Two U.S. nationals were sentenced to 18 months in prison for running laptop farms that facilitated North Korea’s expansive remote IT workers scheme, the Justice Department said Wednesday. Matthew Issac Knoot and Erick Ntekereze Prince both received and hosted laptops at their residences to dupe U.S. companies into thinking remote IT workers they hired were located in the country. The pair’s separ
by Tim Starks / 6d
A House Democrat who’s been at the forefront of congressional efforts to scrutinize the federal government’s use of commercial spyware wants the Commerce Department to brief Capitol Hill amid apprehension that the Trump administration might further embrace the technology. Rep. Summer Lee, D-Pa., sent a letter to the department Thursday seeking a briefing on several developments stemming from Immi
May 6, 2026
by Greg Otto / 7d
A defense technology company with Department of Defense contracts exposed user records and military training materials through API endpoints that lacked meaningful authorization checks, according to an account published by Strix , an open-source autonomous security testing project. The issue affected Schemata, an AI -powered virtual training platform used in military and defense settings. Accordi
Attackers are actively exploiting a zero-day vulnerability affecting some Palo Alto Networks’ customers’ firewalls, the security vendor said in an advisory Tuesday. The critical memory corruption vulnerability — CVE-2026-0300 — affects the authentication portal of PAN-OS, and allows unauthenticated attackers to run code with root privileges on the vendor’s PA-Series and VM-Series firewalls, the c
May 5, 2026
The Cybersecurity and Infrastructure Security Agency is urging critical infrastructure owners and operators to plan for delivering essential services under emergency conditions – potentially for months at a time. The federal government’s top cybersecurity agency warned that state-sponsored hackers, particularly two Chinese groups known as Salt Typhoon and Volt Typhoon, continue to threaten critic
by Tim Starks / 8d
The Cybersecurity and Infrastructure Security Agency has gotten “by far” the biggest gains from artificial intelligence automation in its security operations unit to help analysts sift through threats, but it’s also proven valuable elsewhere within the agency, CISA officials said Tuesday. It’s “really allowing those analysts to do triage very fast, so they focus on what matters versus the noise,”
A federal judge sentenced a Latvian national to 102 months in prison for his involvement in a series of ransomware attacks for more than two years prior to his arrest in 2023, the Justice Department said Monday. Deniss Zolotarjovs, a resident of Moscow at the time, helped an organization led by former leaders of the Conti ransomware group extort payments from more than 54 companies. The 35-year-o
May 4, 2026
2 TTPs
by Matt Kapko / 9d
Attackers are actively exploiting a Linux vulnerability in the wild, and researchers warn that the fallout could be broad — anyone with authenticated local access can leverage it to gain total control of a system. But the story behind CVE-2026-31431 is almost as interesting as the bug itself. Theori, the company that discovered the bug, leaned heavily on AI to find and initially disclose it. The
A 19-year-old woman is suing the makers of a dating app, alleging they took a video she posted online, repurposed it without her consent into an advertisement for the app, then used geofencing to target that ad to people in her area. According to the lawsuit filed Apr. 28 in Tennessee and an interview with her lawyer, the company allegedly used geotargeting to serve the ads on platforms like Snap
by Greg Otto / 9d
Missile and drone attacks that took out cloud data centers in the Middle East underscored a critical vulnerability in the modern economy: reliance on digital infrastructure that sustains competitive advantage and operational continuity for corporations, nations, and militaries. The outages and downstream disruption were a preview of a new form of strategic and operational risk. Data centers have
May 1, 2026
Cybersecurity agencies from the United States, Australia, Canada, New Zealand and the United Kingdom jointly published guidance Friday urging organizations to treat autonomous artificial intelligence systems as a core cyber
- Get link
- X
- Other Apps
Comments
Post a Comment
Please leave a comment about our recent post.