Jaheen100 - Slashdot User

Submission + - Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge (securityweek.com)

Submitted by wiredmikey on Thursday April 30, 2026 @03:05PM

wiredmikey writes: Anthropic has unveiled as the industry braces for a new wave of AI-powered attacks. Models like Mythos are compressing time-to-exploit to minutes, fundamentally shifting the advantage toward attackers. Without equally capable defensive AI, security teams risk being overwhelmed. Claude Security is Anthropic’s answer. Integrated directly into enterprise workflows, it scans code, identifies vulnerabilities, explains risk with confidence scoring, and helps generate targeted fixes in a single session.

Submission + - OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos (securityweek.com) 1

Submitted by wiredmikey on Thursday April 16, 2026 @11:46AM

wiredmikey writes: OpenAI has introduced GPT-5.4-Cyber, a cybersecurity-focused model that will be offered to many defenders. OpenAI announced that it’s scaling its Trusted Access for Cyber program to thousands of verified defenders and hundreds of security teams. They will be given access to GPT-5.4-Cyber, a fine-tuned variant of GPT-5.4 that relaxes the usual guardrails for legitimate cybersecurity work.

The announcement comes in the wake of Anthropic’s release of Claude Mythos, a new and powerful AI model allegedly capable of autonomously discovering thousands of zero-day vulnerabilities. This led Anthropic to withhold its public release and instead offer it only to a few dozen major organizations through a restricted program called Project Glasswing.

Submission + - Anthropic Unveils Claude Mythos, Powerful AI With Major Cyber Implications (securityweek.com) 1

Submitted by wiredmikey on Tuesday April 07, 2026 @02:51PM

wiredmikey writes: Anthropic has unveiled Claude Mythos, a new AI model capable of discovering critical vulnerabilities at scale. It’s already powering Project Glasswing, a joint effort with major tech firms to secure critical software. But the same capabilities could also accelerate offensive cyber operations.

Submission + - Trump Orders Federal Agencies to Stop Using Anthropic Technology (securityweek.com)

Submitted by wiredmikey on Friday February 27, 2026 @05:37PM

wiredmikey writes: President Donald Trump said Friday he was ordering all federal agencies to phase out use of Anthropic technology after the company’s unusually public dispute with the Pentagon over artificial intelligence safety. Trump’s comments came just over an hour before the Pentagon’s deadline for Anthropic to allow unrestricted military use of its AI technology or face consequences — and nearly 24 hours after CEO Dario Amodei said his company “cannot in good conscience accede” to the Defense Department’s demands.

Submission + - iOS Zero-Day Exploited in 'Extremely Sophisticated Attack' (securityweek.com)

Submitted by wiredmikey on Thursday February 12, 2026 @12:16PM

wiredmikey writes: Apple has rolled out fixes for iOS and macOS systems to resolve a zero-day vulnerability that has been exploited in the wild. Tracked as CVE-2026-20700, the zero-day flaw is described as a memory corruption issue that could be exploited for arbitrary code execution. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26,” Apple noted in its advisory.

Submission + - New 'ZeroDayRAT' Enables Total Compromise of iOS, Android Devices (securityweek.com)

Submitted by wiredmikey on Tuesday February 10, 2026 @10:03AM

wiredmikey writes: Security researchers have discovered ZeroDayRAT, a new commercial mobile spyware toolkit that enables full remote access to Android and iOS devices, with features including live camera feeds, key logging, bank and crypto theft and more. Available via Telegram, researchers from iVerify warn that ZeroDayRAT is a ‘complete mobile compromise toolkit’ comparable to kits normally requiring nation-state resources to develop. This is a worrying new spyware RAT that may be with us for some time.

Submission + - Intel Core Ultra X9 388H Launched: Panther Lake Tests Strong In Lenovo Laptop (hothardware.com)

Submitted by MojoKid on Monday January 26, 2026 @10:54AM

MojoKid writes: Intel took the wraps off performance testing of its top-end 16-core / 12-Xe Core Ultra X9 388H, aka Panther Lake, mobile processor today, and puts up great numbers essentially across the board. The chip offers class-leading performance and excellent efficiency relative to other mainstream notebook platforms, especially as it relates to graphics and AI workloads. Intel didn't make significant changes to the Cougar Cove (P-Core) And Darkmont (E-Core) microarchitectures in Panther Lake, other than tuning them for manufacturing on Intel's 18A process, but the 12-Xe core iGPU represents a huge leap in performance and Intel's NPU5 is purpose -built for today's local AI workloads. With all of that in mind, it appears that Intel has delivered in spades with Panther Lake and the Core Ultra 300 series for next gen laptops and likely hand-held gaming devices as well. iGPU and NPU performance were both very strong, and CPU performance, particularly in multi-threaded workloads, is highly competitive. Battery life and efficiency were also very good. Despite the test vehicle's large, high-resolution 16-inch; display, the pre-production Lenovo IdeaPad 5 Pro tested lasted for nearly 24 hours untethered from a power outlet, with the screen lit up the entire time.

Submission + - Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits (securityweek.com)

Submitted by wiredmikey on Wednesday January 14, 2026 @10:36AM

wiredmikey writes: The Predator spyware is more sophisticated and dangerous than previously realized. New research reveals an error taxonomy that reports exactly why deployments fail, turning black boxes into diagnostic events for threat actors. Almost exclusively marketed to and used by national governments and intelligence agencies, the spyware also detects cybersecurity tools, suppresses forensics evidence, and has built-in geographic restrictions.

Submission + - CES Worst in Show Awards Call Out The Tech Making Things Worse (ifixit.com)

Submitted by chicksdaddy on Friday January 09, 2026 @04:52PM

chicksdaddy writes: CES, the Consumer Electronics Show, isn’t just about shiny new gadgets, as AP reports (https://apnews.com/article/ces-worst-show-ai-0ce7fbc5aff68e8ff6d7b8e6fb7b007d): this year brought back the fifth annual Worst in Show anti-awards (https://www.worstinshowces.com/), calling out the most harmful, wasteful, invasive, and unfixable tech at the Las Vegas show. The coalition behind the awards — including Repair.org, iFixit, EFF, PIRG, Secure Repairs and others — put the spotlight on products that miss the point of innovation and make life worse for users.

2026 Worst in Show winners include:
Overall (and Repairability): Samsung’s AI-packed Family Hub fridge — overengineered, hard to fix, and trying to do everything but keep food cold.
Privacy: Amazon Ring AI — expanding surveillance with features like facial recognition and mobile towers.
Security: Merach UltraTread treadmill — AI fitness coach that also hoovers up sensitive data with weak security guarantees — including a Privacy Policy that declares the company "cannot guarantee the security of your personal information" (!!)
Environmental Impact: Lollipop Star — a single-use music-playing electronic lollipop that epitomizes needless e-waste.
Enshittification: Bosch eBike Flow App — pushing lock-in and digital restrictions that make gear worse over time.
“Who Asked For This?”: Bosch Personal AI Barista — voice-assistant coffee maker that nobody really wanted.
People’s Choice: Lepro Ami AI Companion — an overhyped “soulmate” cam that creeps more than comforts.

The message? Not all tech is progress. Some products add needless complexity, threaten privacy, or throw sustainability out the window — and the industry’s watchdogs are calling them out.

Submission + - Microsoft To Appoint a Deputy CISO for Europe (csoonline.com)

Submitted by Anonymous Coward on Friday May 02, 2025 @01:34PM

An anonymous reader writes: In a move designed to reassure European leaders of the company's commitment to the region, Microsoft earlier this week announced that it will be creating a new position: a Deputy CISO for Europe. In reaction to the news, one analyst quipped, “I was mostly surprised that they don’t already have one,” adding that Microsoft is not creating the role “because they really believe in it. It’s because they don’t want to lose that business. It’s that simple."

Submission + - JetBrains AI Assistant Panned In JetBrains Marketplace (infoworld.com)

Submitted by itwbennett on Friday May 02, 2025 @09:02AM

itwbennett writes: From the article:
Despite having been downloaded nearly 23 million times, the JetBrains AI Assistant has received bad reviews on the company’s JetBrains Marketplace website, prompting JetBrains to remove some of the reviews.
Unveiled in December 2023, the JetBrains AI Assistant rates only 2.3 stars out of a possible five stars on the company’s ratings system, with 851 total ratings as of May 1. “I’ve been a long-time user of JetBrains IDEs and generally appreciate the thoughtful tooling they offer,” reviewer Haso Keric wrote. “Unfortunately, the AI Assistant doesn’t live up to the same standard. It feels bolted on rather than integrated, and it quickly becomes more of a novelty than a productivity tool.”

Submission + - Chase CISO Condemns SaaS Security (csoonline.com)

Submitted by itwbennett on Thursday May 01, 2025 @11:17AM

itwbennett writes: In an open letter to suppliers, Chase CISO Patrick Opet, took the industry to task for 'quietly enabling cyber attackers,' among a litany of other security sins. Sources quoted in this CSOonline article didn't disagree with what is generally agreed to be an accurate description of today's security challenges, but what Opet hoped to accomplish with this letter is unclear. One analyst described it as 'more of a call to discussion than a call to action.' Another pinned the lack of specificity on the likely involvement of Chase legal and other officials making edits that watered down the substance, so 'the essence of the letter is lost trying to protect themselves.'

Submission + - Lesson from Blue Shield California Data Breach: Read the Manual (csoonline.com)

Submitted by itwbennett on Friday April 25, 2025 @12:58PM

itwbennett writes: Personal health information on 4.7 million Blue Shield California subscribers was unintentionally shared between Google Analytics and Google Ads between April 2021 and January 2025 due to a misconfiguration error. Security consultant and SANS Institute instructor Brandon Evans points to two lessons to take from this debacle:

read the documentation of any third party service you sign up for, to understand the security and privacy controls;
know what data is being collected from your organization, and what you don’t want shared.

Submission + - Vendors Slowly Patch Critical MegaRAC Flaw (networkworld.com)

Submitted by itwbennett on Friday April 25, 2025 @08:20AM

itwbennett writes: From the Network World article:
Weeks after BIOS developer AMI released an update fixing a critical vulnerability in its MegaRAC baseband management controller (BMC) firmware used in many enterprise servers and storage systems, OEM patches addressing the issue are slowly trickling out.
The latest vendor to release patches was Lenovo, which appears to have taken until April 17 to release its patch. And although Asus patches for four motherboard models appeared only this week, the exact time these were posted is unconfirmed; the dates on the updates range from March 12 to March 28.
Among the first to release a patch was Hewlett Packard Enterprise (HPE), which on March 20 released an update for its HPE Cray XD670, used for AI and high-performance computing (HPC) workloads. Other OEMs known to use AMI’s MegaRAC BMC include AMD, Ampere Computing, ASRock, ARM, Fujitsu, Gigabyte, Huawei, Nvidia, Supermicro, and Qualcomm.

Submission + - Tariffs May Finally Make Recycling Rare Earth Elements Pay Off (networkworld.com)

Submitted by itwbennett on Thursday April 24, 2025 @08:19AM

itwbennett writes: Computerworld reports that Western Digital and Microsoft are testing ways to recover precious materials from old servers. “A new advanced sorting ecosystem with an eco-friendly non-acid process not only recaptures essential rare earth elements but also extracts metals like gold, copper, aluminum, and steel, feeding them back into the US supply chain,” Western Digital said in a statement. This part isn't new. What's new is the math. Thanks to Trump's tariff war and 'moves by China to halt the export of bismuth, which might hold the key to future faster and more efficient semiconductors,' the few dollars' worth of materials in one server might be enough ROI to make it worthwhile. Gartner analyst Autumn Stanish is positive about the Western Digital news, but advises caution. 'This seems, based on the public information, far from the volume and scale to achieve the independence and carbon savings potential presented,' she said.

Slashdot Top Deals