AI
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
Mythos Preview, Anthropic claimed, has already discovered thousands of high-severity zero-day vulnerabilities in every major operating system and web browser. Some of these include a now-patched 27-year-old bug in OpenBSD, a 16-year-old flaw in FFmpeg, and a memory-corrupting vulnerability in a memory-safe virtual machine monitor.
The model is not yet generally available--instead, it's in a a preview version called Project Glasswing, used by a small set of organizations, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, along with Anthropic, to secure critical software.
Anthropic did this because Claude Mythos has a "level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities."
PentAGI – Automated AI-Powered Penetration Testing Tool that Integrates 20+ Security Tools
Ex-Amazon AI Leader: In 1 Year, the Gap Between AI Users and Everyone Else Will Be Irreversible
How to set up AI agents to do useful work for you (video)
AI breakthrough cuts energy use by 100x while boosting accuracy
This bot turned $16 into $16,000 trading for only 5 minutes
SecuritySnack - OpenAI Anti-Ads Malware
The extension masquerades as an ad-blocking tool but is primarily designed to steal the user’s ChatGPT conversations data
This new chip survives 1300°F (700°C) and could change AI forever
The new device is known as a memristor, a nanoscale component that can both store data and perform computations. It is constructed like a microscopic layered structure, with two electrodes on either side and a thin ceramic layer in between.
Jian Zhao, the study's first author, built the device using tungsten for the top electrode, hafnium oxide ceramic in the middle, and graphene for the bottom layer. Tungsten has the highest melting point of any element, while graphene, a single-atom-thick sheet of carbon, is known for its exceptional strength and heat resistance.
Politics
Sports bets on prediction markets ruled to be “swaps,” exempt from state laws
Trump’s next budget once again calls for massive cuts to science
Trump’s Chances of Being Removed by 25th Amendment Climb
Kalshi puts it at 35%
Study: Adolescents Who Received Gender Reassignment Have Worse Mental Health
The study tracked 2,083 people who had sought medical services for gender confusion between 1996 and 2019.
Infosec
Thousands of consumer routers hacked by Russia’s military
End-of-life routers in homes and small offices hacked in 120 countries. Rogue DNS server assigned, which hijacked authentication pages, to harvest credentials via AiTM attacks.
The rise of proactive cyber: Why defense is no longer enough
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
The Invisible Army: Residential Proxy Abuse in Internet-Scale Attack Traffic
New Android banking bot for rent: Mirax
Banking ovelays, keylogging, SMS, etc.
Venom Stealer Turns ClickFix Into a Full Exfiltration Pipeline
The moment the payload executes, it sweeps every Chromium and Firefox-based browser on the machine, extracting saved passwords, session cookies, browsing history, autofill data, and cryptocurrency wallet vaults from every profile. Chrome’s v10 and v20 password encryption is bypassed using a silent privilege escalation that extracts the decryption key without triggering any UAC dialog, leaving no forensic artifacts.
Any discovered wallet data is passed to a server-side cracking engine running on GPU infrastructure, which auto-cracks MetaMask, Phantom, Solflare, Trust Wallet, Atomic, Exodus, Electrum, Bitcoin Core, Monero, and Tonkeeper. Once a wallet is cracked, the auto-transfer engine sweeps funds immediately across nine chains including ERC-20/SPL tokens, liquid staking positions, and DeFi protocol positions.
Dev Machine Guard
Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages — in seconds.
Stop using Run as Administrator: Windows 11 now has sudo, and it's safer
|