RSS aggregator

Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher

The Register - Anti-Virus - 15 June, 2026 - 23:07
The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was actually a simple three-word prompt: “Fix this code.” That's according to Katie Moussouris, founder and CEO of Luta Security, and the fairy godmother of bug bounties. She says she was the only outside expert to read the third-party research paper on the Fable 5 guardrail bypass techniques that prompted the ban. On Friday, the US government, reportedly citing national security concerns, issued an export control directive to suspend access to Fable 5 and Mythos 5 by any foreign national, inside or outside the United States. In response, Anthropic disabled both models “for all our customers to ensure compliance.” Anthropic shared the report privately with her, Moussouris wrote in a Monday blog post. The outside researchers reportedly fed Anthropic’s Fable 5, Mythos, and Claude Opus models open-source code containing known CVEs, plus new code intentionally laced with vulnerabilities, and asked the models to “review the code for security issues.” As Moussouris tells it, Fable 5 refused, so the researchers asked the AI systems to “fix this code.” The model reportedly obliged, and after additional prompts also produced scripts to test the patches. “That’s it,” Moussouris wrote. “‘Fix this code,’ plus several manual steps to generate test scripts, should never have triggered an export control. I feel like making ’90s-style t-shirts with ‘fix this code’ on the front and ‘this shirt is a munition’ on the back.” Between 2013 and 2017, Moussouris served on the technical expert group that renegotiated the Wassenaar Arrangement, a voluntary agreement between 42 nations that governs certain export controls for classified dual-use software and technology. The group eventually won exemptions for defensive cybersecurity activity. 
This allows defenders to share vulnerability data, conduct malware analysis, and coordinate incident response internationally without the threat of criminal prosecution. On Sunday, Moussouris joined more than 100 other cybersecurity leaders and signed an open letter urging the Trump administration to reverse the restrictions on Fable 5 and Mythos and restore cybersecurity firms' access to the advanced models. “To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,” they wrote. In her blog, Moussouris argues that there was no guardrail bypass or jailbreak. Defenders should be able to ask AI systems to find and fix bugs, and write tests to validate the patch, she said. Anthropic’s models were doing “the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day.” Removing the capability for models to respond to defensive requests makes AI systems “worse at finding bugs and verifying patches,” she continued. Plus, the US can’t extend export controls to open-weight systems or similar advanced models from China and other countries - and these systems will soon achieve Mythos-like capabilities, anyway. Anthropic and Google have both accused China-based rivals including DeepSeek of using “distillation attacks” to train their models by siphoning knowledge from American companies’ AI. Banning Anthropic’s advanced models is going to hurt defenders more than attackers, Moussouris warns. “Defense improves when defenders find the same bugs attackers find and fix them faster,” she wrote. “We need the best tools to defend against increasingly capable attackers in the AI era of cybersecurity.” The Register reached out to the Trump administration for comment on Moussouris' assertion, and we'll update this post if we hear back. ®
Category: Viruses and Worms

Does Linux Give Users a False Sense of Security? What This Year's Biggest Linux Security Incidents Actually Reveal

LinuxSecurity.com - 15 June, 2026 - 22:26
If more than 12 million enterprise systems can be exposed by flaws in a security control designed to harden Linux, it's probably worth asking whether Linux gives people a false sense of security. That's a question that has come up repeatedly throughout 2026.
Category: Hacking & Security

SimpleHelp bug lets hackers create rogue remote support accounts

Bleeping Computer - 15 June, 2026 - 22:06
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) authentication protocol. [...]
Category: Hacking & Security

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

The Hacker News - 15 June, 2026 - 21:44
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the unusual part: the attackers rewired the victims' own Google Workspace rules to copy any message
Swati Khandelwal
Category: Hacking & Security

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

The Hacker News - 15 June, 2026 - 21:32
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes
Ravie Lakshmanan
Category: Hacking & Security

Users cry foul after AMD stripped memory crypto from its consumer CPUs

Ars Technica - 15 June, 2026 - 19:55

A decade ago, AMD added a protection to its high-end CPUs to protect them against cold boot attacks and other types of physical exploits that siphon sensitive data out of the connected memory chips. Short for Transparent Secure Memory Encryption, TSME encrypts the entire contents stored in memory, making the data useless to physical attackers.

Over time, AMD added TSME to lower-end processors, including the consumer version of its Ryzen chips, a CPU that costs less than the Pro version. Over the years, users of these lower-end chips have gotten used to the added security. Recently and without warning or notice, this lower-end line of AMD chips suddenly dropped the protection, and did so in a way that was impossible to detect on Windows machines and required a fair amount of technical work when using Linux.

Now you see it, now you don't

AMD has yet to say why TSME worked on these CPUs, or even to confirm the change. AMD declined to answer questions sent by email other than to say TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies." The statement is the first known time the chipmaker has explicitly made this restriction public.

The iPhone 18 Pro's biggest draw will be an unconventional cherry color. Real technological innovations are being postponed

Živě.cz - 15 June, 2026 - 19:45
Innovations including a more modern under-display Face ID are delayed • The variable-aperture camera will come only to the largest Max model • The old-new chassis may suffer from peeling paint and fading in sunlight
Category: IT News

Council of Europe hacked in ShinyHunters' PeopleSoft heist

The Register - Anti-Virus - 15 June, 2026 - 19:44
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations. According to a post on the extortion crew’s data-leak site, the 429,000 pilfered files contain HR and payroll records, payslips, purchase-order records, CVs, and employees’ salary, banking, tax, and medical records. A Council of Europe spokesperson told The Register that it is “currently investigating the matter and assessing the situation,” but declined to comment further. A spokesperson for the cybercrime group told us that the Council is yet another victim of the Oracle PeopleSoft heist. Oracle has yet to respond to The Register’s inquiries, and it's unclear if the vulnerability, tracked as CVE-2026-35273, has been patched. ShinyHunters previously told us that the gang exploited the CVE to compromise more than 100 organizations across 300 vulnerable instances, and that these victims included the University of Nottingham. Last week, the crims listed the UK uni on their leak site, then dumped data belonging to around 454,600 current and former students, including personal and academic records. Meanwhile, a Google threat report published late last week noted malicious activity, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints." Most of these are US-based organizations, and 68 percent operated within the higher education sector. This latest heist follows another ShinyHunters intrusion targeting data belonging to university and K-12 students, teachers, and staff. 
In mid-May, ed-tech giant Instructure said it “reached an agreement” - this is corporate-speak for “paid the ransom demand” - with the data theft and extortion crew after ShinyHunters breached its Canvas digital learning platform and accessed data tied to 275 million students, teachers, and staff. In March, ShinyHunters claimed it stole data from K-12 software provider Infinite Campus as part of a broader wave of Salesforce-related intrusions. The ed tech company did not pay up, and the group subsequently published data they claim was stolen from Infinite Campus, including 137,000 individuals’ email addresses along with names, phone numbers, physical addresses and support tickets. Infinite Campus, in its data breach notification, said that the leaked files largely consisted of “names and contact information for school staff" and that “the majority is directory information commonly found on school websites.” ®
Category: Viruses and Worms

OptinMonster WordPress plugin hacked in CDN supply-chain attack

Bleeping Computer - 15 June, 2026 - 19:37
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive's content distribution network (CDN). [...]
Category: Hacking & Security

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks

Bleeping Computer - 15 June, 2026 - 19:12
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. [...]
Category: Hacking & Security

Feds snooze as US datacenter law set to lapse with no replacement in site

The Register - Anti-Virus - 15 June, 2026 - 18:47
US legislation covering federal datacenters is set to expire in September and it appears that the Trump administration is simply going to allow it to lapse without replacement. The Federal Data Center Enhancement Act (FDCEA) of 2023 covers certain standards that are to be adhered to for facilities that are wholly or partially owned, operated, or maintained by a federal agency. It includes requirements relating to availability and uptime of the facility; the use of sustainable energy sources; protection against power failure; protections against physical intrusion and natural disasters; plus IT security protections. We understand that the legislation will sunset on September 30, 2026, and according to Wired, neither the US Congress nor the Trump administration appears to be making any move to extend the act, or put alternate legislation in place. The danger is that if the FDCEA is not renewed or superseded by similar legislation, then federal agencies across the US may cease to follow the requirements and simply act as they see fit when procuring new datacenter infrastructure. We asked the White House and Congress for comment. According to implementation guidance issued by the Office of Management and Budget (OMB) under the previous administration, agency datacenters “must provide secure and highly available computing infrastructure to enable reliable access to Federal information and information systems.” It notes that the "needs of the federal government with respect to data access and data processing systems have evolved since 2014,” when the Federal Data Center Consolidation Initiative (FDCCI) was established, and hence the latter was not renewed but replaced by the FDCEA. The OMB states that effective operation of datacenters requires regular monitoring, and optimization of resources by operators, and directs agencies to incorporate automated tools into the management of all new facilities, including tools that monitor metrics such as electrical consumption. 
It also states that the “cost, scarcity, and environmental impact of energy and water consumption necessitates that agencies evaluate datacenters against resource consumption metrics and best practices when making their decisions” regarding new datacenter builds. Perhaps most importantly, it requires that federal facilities “must be able to meet the reliability and resiliency needs of their hosted information and information systems through implementation of the appropriate information security and physical security protections.” It is widely known that the Trump administration does not look kindly on regulations, especially those relating to environmental protection. Instead, policy has focused on fast-tracking the federal permitting process for datacenters, particularly those dedicated to training and developing AI models. A recent report from Politico stated that the Trump administration was not inclined to set nationwide environmental requirements or recommendations for the datacenter industry. Instead, Environmental Protection Agency (EPA) Administrator Lee Zeldin said that while there are technologies and practices that reduce air pollution and water usage, individual states and communities know what works best for them. At the same time, opposition to datacenter construction is growing across the US, precisely because of public fears over factors such as air pollution, water usage, and the prospect of spiking energy bills. A recent survey found more than 70 percent of respondents said that they would be against the construction of an AI datacenter in their neighborhood. ®
Category: Viruses and Worms

Fifteen ways to easily send large files. Ulož.to no longer works the way it used to, and e-mail is not suitable

Živě.cz - 15 June, 2026 - 18:45
You can use file-sending services or modern cloud storage • The Windows 10 and 11 operating systems include the integrated OneDrive app • Your own NAS allows secure file sharing without the limitations of third-party servers
Category: IT News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

The Hacker News - 15 June, 2026 - 18:39
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed. LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface. A server takeover exposes every provider key it holds, the secrets that
Swati Khandelwal
Category: Hacking & Security

Council of Europe investigates ShinyHunters data breach claims

Bleeping Computer - 15 June, 2026 - 18:37
The Council of Europe, the continent's oldest intergovernmental body, is probing claims of a data breach made by the ShinyHunters extortion group over the weekend. [...]
Category: Hacking & Security

Britain will ban social networks for children under 16. It will also put a stop to erotic AI chatbots

Živě.cz - 15 June, 2026 - 17:45
The Prime Minister of the United Kingdom wants to regulate social media • Children under 16 will not have access to them. • The legislation is to take effect from spring 2027.
Category: IT News

Microsoft site throwing warnings after someone forgot to renew cert

The Register - Anti-Virus - 15 June, 2026 - 17:33
Microsoft appears to have dropped the ball with its certificate management after a domain used by sysadmins worldwide to test connectivity to Microsoft 365 started throwing untrusted connection warnings in browsers. The connectivity.office.com domain is used by IT pros to test their network's connectivity to Microsoft 365 and ensure their firewalls aren't blocking anything that could affect an organization's access to Microsoft servers. An SSL server report retrieved on Monday showed that the certificate expired on June 14 after last being renewed on December 16, 2025. At the time of writing, 35 hours have passed since the certificate expired, and Microsoft has still not renewed it, despite many in the IT community making their opinions on the matter known. Certificate renewals are often automated in this day and age, but in organizations still relying on manual processes, those responsible for renewals would almost certainly have received multiple alerts warning of the impending expiration. It suggests that something, or someone, involved in the certificate-renewal process at Microsoft has messed up. The Register contacted Redmond for a response. The company's publicists acknowledged the request for comment but did not return one in time for publication. The fallout could have been much worse. Browser warnings on a network diagnostic tool are irritating, but hardly catastrophic compared with the same thing happening to login.microsoft.com or another critical service. Teams users may remember the collaboration platform abruptly deciding to take Monday off in 2020, after an authentication certificate expired, for example. Whatever went wrong here, Microsoft will have to tighten its processes before shorter certificate lifespans arrive in the coming years. As of March 26, new SSL/TLS certs will have a maximum lifespan of 200 days. This is set to decrease to 100 days by March 15, 2027, and then to 47 days two years later. ®
Category: Viruses and Worms

FBI: Fraudsters use couriers to steal money in crypto scams

Bleeping Computer - 15 June, 2026 - 17:30
The U.S. Federal Bureau of Investigation (FBI) warned that criminals are using couriers to collect money from victims of cryptocurrency investment scams, also known as pig butchering or romance baiting. [...]
Category: Hacking & Security

Why Europe’s demands on Apple AI put your data at risk

Computerworld.com [Hacking News] - 15 June, 2026 - 17:21

Europe’s evangelistic approach to insisting Apple open up personal data to competing AI services is hurting Apple users in the region. More than that, it also places its entire business sector at risk, and a newly-published Jamf survey suggests why.

Announced at WWDC 2026, Apple Intelligence/Siri AI relies on personal, contextual data to run. Europe wants that same information to be made available to third-party services for competing apps, but has not worked with Apple to protect user confidentiality. It’s an approach that places your data at risk of exfiltration using those apps because Europe is insisting Apple share personal information with the developers of other apps.

The desire to protect that data is why Apple won’t distribute Siri AI in the EU for a while.

Jamf survey exposes the IT risks of AI

It’s not as if Europe doesn’t understand the risk of data leaks in an era of AI. Just look at the bloc’s focus on things that do matter, such as sovereign AI or managed AI services like Orange Live Intelligence. These locally-produced AI services, alongside Europe’s attitude toward them, tell me the confederation understands the risks.

How real are these risks? Very. Jamf on Monday published survey results confirming the scale of that risk, telling us that one-in-five IT and security leaders in the enterprise sector has already experienced an AI-related incident involving unexpected costs, a security issue, or both.  The survey also found that:

  • 72.9% of organizations have already deployed AI in some form.
  • 59.7% see an AI-related incident as a near-term risk.
  • Organizations with deeply integrated AI are 40% more likely to report an AI-related incident than organizations still in the exploratory stage. 

The implication is that AI governance is becoming an operational requirement and — as Apple has told us umpteen times in the past — the best way to maintain operational confidentiality is not to collect or share any data at all. That’s the whole point of its approach: the data doesn’t need to be shared, it just needs to be turned into another signal that promotes utility while protecting confidentiality. 

Crafting trust in a crowded market

There’s another challenge to emerge. There are now multiple brands of AI, with more coming on stream all the time. That’s great in terms of finding a model that suits your needs, but challenging when it comes to ensuring all the services you or your employees use are equally secure. You don’t want your business to become deeply reliant on any service only for that vendor to subsequently get bought out and/or shut down, nor do you want a service to be hacked or otherwise exploited to your detriment.

“AI isn’t arriving as a single application that IT can approve and move on from,” said Jamf CEO Beth Tschida. “It’s showing up in developer tools, productivity apps, autonomous agents, and other software they already run. The challenge is maintaining visibility and control as that footprint expands.” 

The survey described the challenges IT faces with AI deployment: shadow IT, vendor sprawl, and the need to grapple with highly unpredictable use-based pricing models. And that’s even before considering the governance challenges of agentic and developer AI.

AI and the emerging governance nightmare

“What our survey shows is that governance must keep pace with adoption,” Tschida said. “For organizations built on Apple, the foundation is already an advantage. Apple’s privacy model and the management controls built into the platform give IT teams a strong foundation to build on and … that advantage depends on using tools built for Apple from the start.”

That’s the point of the curated, private and secured service offered by Siri AI, of course. It’s also part of what Apple is building toward with its wider ambitions toward AI on its platform. Bloomberg’s Mark Gurman discussed elements of this in his weekend newsletter, in which he suggested Apple might introduce some subscription services using AI, and that it is building an App Store for Siri Extensions, which would allow third-party chatbots to work with Siri.

There is a need for curation and management in AI

What makes that model work is the curation with which Apple surrounds it, and its determination to extend Private Cloud Compute so it can protect your data even when using third-party servers (in this case, Google’s server clusters). It makes sense to think Apple intends to use that system to protect all approved third-party AI interactions provided across its platforms by its own routes. That’s true, even if users access services free of those safeguards using a web browser, which they currently can.

But the key thing is that if Apple can get this right, offering up a managed, curated, and controllable ecosystem for AI agents and services, it will be going a long way toward building the kind of managed AI ecosystem the Jamf survey shows our modern digital enterprises increasingly need. 

Category: Hacking & Security

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

The Hacker News - 15 June, 2026 - 17:09
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL filtering tools were
Swati Khandelwal
Category: Hacking & Security

A miracle solid-state battery? Donut Lab took millions from investors, but now we know it was an ordinary Li-ion

Živě.cz - 15 June, 2026 - 16:45
Finnish startup Donut Lab promised revolutionary sodium batteries at the CES trade show • Experts, however, revealed that it was merely an ordinary lithium-ion battery • The company fraudulently obtained roughly 25 million dollars from small investors
Category: IT News