Tag: access
-
Trump signs EO seeking early government access to powerful AI models
The directive represents an about-face for an administration that previously repudiated government AI reviews. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/trump-ai-security-executive-order/821755/
-
Zertifizierter Extender bietet verteilten Zweigstellen leistungsstarke 5G-WAN-Konnektivität
Der neue 5G-Extender von Versa, Spezialist für Secure-Access-Service-Edge (SASE), beseitigt eine der größten Herausforderungen bei der Anbindung von Zweigstellen: Die 5G-Signalstärke ist in der Regel in den Verteilerschränken, in denen die entsprechenden Netzwerkgeräte installiert sind, am schwächsten. Der Extender ermöglicht es Unternehmen, 5G dort zu platzieren, wo der Empfang am stärksten ist, etwa in der…
-
Password manager Dashlane says hackers stole some customers’ password vaults
The password manager giant said hackers were able to ‘brute-force’ its two-factor system, allowing them to access customer accounts and download their password vaults. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/02/password-manager-dashlane-says-hackers-stole-some-customers-password-vaults/
-
Anthropic scales Claude Mythos to critical infrastructure in 15+ countries
Anthropic is expanding Project Glasswing, its security vulnerability program, and access to Mythos to 150 organizations across 15 countries, targeting critical infrastructure in power, water, healthcare, and communications where a cyberattack could affect 100 million people. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/02/anthropic-scales-claude-mythos-to-critical-infrastructure-in-15-countries/
-
Anthropic expanding access to Project Glasswing
Roughly 150 new organizations across critical infrastructure sectors will gain access to Claude Mythos Preview, Anthropic’s most capable, and most restricted, AI model. First seen on cyberscoop.com Jump to article: cyberscoop.com/anthropic-project-glasswing-expansion-critical-infrastructure-claude-mythos/
-
Critical KMW CCTV Flaw Allows Unauthorised Access to Surveillance Feeds
A critical security vulnerability in KMW CCTV security cameras could allow attackers to gain full, unauthorised access to live surveillance feeds and device settings, raising serious concerns for organisations that rely on these systems in sensitive environments. The issue, tracked as CVE-2026-5386 and disclosed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) under advisory…
-
Mustang Panda Uses LNK, PowerShell Chain to Deploy PlugX RAT
Mustang Panda is using a fake “Browser Updater” and a multi”‘stage LNKPowerShell loader to sideload PlugX through a legitimate G DATA antivirus binary, ultimately beaconing over HTTPS to a hard”‘coded C2 while hiding configuration and strings behind layered encryption and API hashing. Mustang Panda is a China”‘nexus APT group, long associated with PlugX remote access…
-
Microsoft Entra pushes passkeys, tightens identity security
Microsoft has released multiple identity and network access capabilities for Entra, its family of identity and network access products that help organizations implement a zero … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/microsoft-entra-latest-security-updates/
-
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT.”The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,” First seen on…
-
OpenAI brings frontier AI to existing AWS environments
OpenAI frontier models and Codex are now available on AWS, giving customers access to OpenAI capabilities within AWS environments and the controls needed to move more quickly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/openai-models-and-codex-on-aws/
-
PHANTOMPULSE RAT Uses UAC Bypass to Hijack Windows Systems
New technical details about PHANTOMPULSE, a sophisticated remote access trojan (RAT) used in multi-stage intrusions targeting Windows environments. The malware represents the final payload in an attack chain previously linked to Obsidian plugin abuse and in-memory loaders, but this latest analysis focuses on its advanced post-exploitation capabilities. PHANTOMPULSE stands out for combining multiple stealth techniques,…
-
Europe Edges Closer to Claude Mythos Access
Anthropic Offers ENISA a Place in Project Glasswing. Anthropic offered the European Union’s cybersecurity agency ENISA entry to Project Glasswing, its arrangement for giving organizations controlled early access to its vulnerability-finding Mythos AI model. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/europe-edges-closer-to-claude-mythos-access-a-31827
-
Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
Several users on social media reported having their Instagram accounts hacked over the weekend. Meta’s own support chatbot was blamed for allowing hackers to hijack accounts. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/01/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access/
-
Microsoft investigates Office Apps, Teams file access issues
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-investigates-office-apps-teams-file-access-issues/
-
Cyberkriminelle nutzen die Phishing-Plattform Kali365, um legitime Microsoft-365-Verfahren für einen Zugriff ohne Passwörter
Das FBI warnt aktuell vor Kali365, einer seit April 2026 aktiven Phishing-as-a-Service-Plattform, die gezielt Microsoft-365-Umgebungen ins Visier nimmt. Hierbei werden keine Zugangsdaten gestohlen, sondern OAuth-Tokens gekapert, wodurch selbst eine Multifaktor-Authentifizierung (MFA) umgangen wird. Die Plattform bietet zudem KI-generierte Phishing-Vorlagen, automatisierte Kampagnen-Tools und Echtzeit-Tracking-Dashboards und wird über Telegram als Abonnementmodell vertrieben. Der Angriff läuft dabei in…
-
Microsoft Issues OutBand SharePoint Patch
SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-issues-sharepoint-patch
-
Anthropic Expands Public Access to Claude Mythos AI Model
Expect to See Widespread Availability of Mythos-Level Models Within 6-12 Months. Anthropic is expanding public access to its frontier artificial intelligence model Claude Mythos to qualifying customers’ security teams on request for such purposes as vulnerability research and red-teaming, and predicts that Mythos-class models will be publicly available within 12 months. First seen on govinfosecurity.com…
-
Microsoft Code Editor Flaw Lets Attackers Hijack Developer PCs
Hidden Install Settings Let Malicious MCP Links Execute Code. Microsoft patched a high-severity flaw in Visual Studio Code after researchers found attackers could hide malicious settings inside MCP server install links, giving them persistent access to developer machines through what appeared to be routine artificial intelligence tool installations. First seen on govinfosecurity.com Jump to article:…
-
Why AI Agents Are Creating a New Security Blind Spot
Okta’s Charlotte Wylie on Identity, Governance and Rogue AI Access. AI agents are becoming a new identity type inside enterprises, creating visibility gaps and security risks most organizations aren’t prepared to manage. Okta’s Charlotte Wylie explains why shadow agents, overprovisioned access and AI-driven attacks demand a new governance model. First seen on govinfosecurity.com Jump to…
-
FBI warns about PhaaS platform used to access Microsoft 365 environments
Device code phishing enabled hackers to bypass multifactor authentication without credentials. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fbi-warns-phishing-platform-microsoft-365/821105/
-
Quasar RAT Hits Developers With Fileless Linux Attacks
Quasar Linux (QLNX) is a new, stealthy Linux Remote Access Trojan that quietly turns developer and DevOps workstations into high”‘value beachheads for software supply”‘chain attacks, using fileless execution, an eBPF rootkit, PAM backdoors, and a P2P C2 mesh to evade conventional defenses. Despite its name, it is unrelated to the Windows”‘focused QuasarRAT family. It is…
-
Lazarus APT unveils fileless remote access Trojan designed to evade detection
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…
-
Multiple 7-Zip Vulnerabilities Enable Arbitrary Code Execution
Multiple memory safety bugs in 7″‘Zip 26.00 allow remote attackers to leak sensitive data and, in at least one case, execute arbitrary code when a victim opens a crafted archive file. GitHub Security Lab has disclosed a critical heap buffer overflow in 7″‘Zip’s NTFS handler (GHSL”‘2026″‘140, CVE”‘2026″‘48095), alongside a cluster of additional memory access violations…
-
Anthropic Prepares Claude Mythos for Wider Release Through Claude Code
Anthropic is preparing to expand access to its most advanced AI model, Claude Mythos, signaling a shift from tightly controlled deployment to a staged commercial rollout under a new version labeled Mythos 1. The move suggests the company is transitioning from experimental security use cases toward broader enterprise integration. Claude Mythos first emerged in March…
-
Manage machine identities: The hidden privileged access layer you need to manage
Why are machine identities becoming the majority of “things with access”? Every automation, integration, and workload needs a way to authenticate and the right permissions to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/26/delinea-managing-managing-machine-identities-access/