From the Project Glasswing front,
- Cybersecurity Dive reports,
- “Anthropic on Wednesday [July 1, 2026] unfroze access to its advanced Fable and Mythos AI models after the Trump administration lifted an export-control ban.
- “The return of the two models — with Fable 5 available for general use and the more powerful Mythos 5 limited to a coalition of trusted partners, as it was prior to the ban — represents significant progress in ongoing talks between President Donald Trump’s administration and AI firms over the responsible deployment of frontier AI models, an issue the U.S. government and the tech industry have sparred over in recent months.
- “In a Tuesday statement announcing a resolution to one of the AI race’s most intense clashes, Anthropic insisted that its models had always been safe and that the government had blown the situation out of proportion — suggesting that tense conversations still lie ahead about the balance between offering advanced capabilities to defenders and keeping them out of the hands of U.S. adversaries.”
- Bleeping Computer adds,
- “Anthropic says Claude Fable 5 won’t be accessible via Claude subscriptions after July 7, but it’s not a permanent change, and the company expects the model to return outside the usage-based plan soon.
- “Fable 5 was recently restored after the US government lifted export controls on Anthropic’s most powerful models, Fable 5 and Mythos 5.
- “As part of the redeployment, Anthropic said Fable 5 would be available globally on Claude.ai, Claude Code, Claude Cowork, and the Claude Platform.”
- and
- “Claude Fable, the company’s most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the original release.” * * *
- “[T]he real gut punch is the degraded performance, or as famously used in the AI community, the “nerfed” performance.
- “On Reddit, users are reporting that the restored Fable 5 feels weaker, or is simply being routed through stricter safety systems more often than before.
- “The new guardrails are kicking in on way too many tasks and falling back to Opus 4.8,” one user wrote in a Reddit post. “This is not the model that got banned.”
- “The problem is not just limited to Claude desktop, as Claude Code is also struggling with similar issues.”
- Observer interviews CrowdStrike president Michael Sentonas who “discusses Anthropic’s Claude Mythos and how A.I. could speed up vulnerability discovery and exploitation.”
From the cybersecurity policy and law enforcement front,
- Cyberscoop reports,
- “The Department of Homeland Security is bringing back a key cybersecurity information sharing effort with critical infrastructure, more than a year after the Trump administration shuttered an existing nerve center between government and private sector.
- “The Alliance of National Councils for Homeland Operational Resilience – Critical Infrastructure program, first reported by CyberScoop in January, is meant to replace the function of the Critical Infrastructure Partnership Advisory Council.
- “CIPAC was a federal advisory body that allowed agencies like the FBI, the Cybersecurity and Infrastructure Security Agency and the intelligence community to interact with key owners and operators of water, power, internet and telecommunications to coordinate on cyberattacks and digital vulnerabilities. ANCHOR will fulfill a similar role.
- “ANCHOR-CI will provide forums through which cybersecurity, law enforcement, intelligence, national security, and other government representatives at the federal, state, local, tribal, and territorial levels may engage representatives of private sector entities and critical infrastructure owners and operators in reviewing the current threat environment, discussing potential vulnerabilities, and forming recommendations on securing a more resilient critical infrastructure and cyberspace,” DHS wrote in a federal register notice set to publish July 1.
- “ANCHOR-CI will be managed by CISA, which will appoint members to the council from industry, trade associations, state and local governments and other sources.
- “The body will consist of four types of different councils: one focused on federally designated critical infrastructure sectors, cross-sector councils to deal with emerging threats like cyber attacks or zero-day vulnerabilities, critical infrastructure industry councils and regional coordinating councils.”
- and
- “Trump administration budget chief Russell Vought told lawmakers Tuesday that he’s willing to work with Department of Homeland Security Secretary Markwayne Mullin on re-staffing up the Cybersecurity and Infrastructure Security Agency, following deep personnel cuts and further proposed reductions in the fiscal 2027 budget blueprint.
- “Mullin said last week at a House Appropriations Subcommittee on Homeland Security hearing that he would like to hire 600 more people at CISA, similar to remarks he made earlier this month at another House hearing. President Donald Trump has cut or lost more than 1,000 from an agency that stood around 3,400-strong at the end of the Biden administration — cuts criticized by lawmakers in both parties.”
- Federal News Network relates,
- “The National Institute of Standards and Technology expects to advance high profile standards work around a “Cyber AI Profile” and securing artificial intelligence agents this summer, amid a flurry of federal activity aimed at addressing both the risks and opportunities for AI and cybersecurity.
- “NIST’s National Cybersecurity Center of Excellence (NCCoE) is now running six distinct projects focused on the intersection of AI and cyber. But Cherilyn Pascoe, director of the NCCoE, said AI is popping up across the center’s work, which focuses on practical guidance to advance secure technologies in collaboration with government agencies, industry and academia.
- “I think AI is going to be part, if not a leading part, of every project going forward at the center,” Pascoe said in an interview. “It is becoming so foundational to cybersecurity.”
- “Recent advancements in AI models like Anthropic’s Claude Mythos have shown the ability to quickly find software vulnerabilities and create cyber exploits much faster than humans.”
- Security Week tells us,
- “Google, the FBI, and other organizations coordinated in a joint effort to dismantle NetNut, a massive residential proxy network.
- “Also known as Popa, NetNut is believed to consist of more than 2 million Android devices such as smart TVs and streaming boxes, that have been infected through trojanized applications and malware such as Badbox 2.0.
- “The network’s operator, linked to the publicly-traded Israeli firm Alarum Technologies Ltd, rented the residential proxies to various threat actors, including cybercriminal and espionage groups.
- “In a single week in June, Google observed 316 distinct threat clusters using NetNut to hide their locations in password-spray attacks and to access victim environments.
- “We believe our coordinated actions have caused significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions,” Google said.
- “As part of the operation, the internet giant disabled Google accounts and associated services used for command-and-control (C&C), dismantling the botnet’s backend infrastructure.”
- Cyberscoop informs us,
- “[A] 19-year-old alleged member of the Scattered Spider extortion crew was extradited to the United States last week and remains in federal custody awaiting several cybercrime charges, the Justice Department said Wednesday.
- “Peter Stokes, a dual citizen of the United States and Estonia, was allegedly involved in Scattered Spider since it formed in 2022 and boasted on social media about the luxurious globetrotting life he enjoyed while he was still a child.
- “The cybercrime ring of young, native English-speaking people has infiltrated more than 100 businesses since 2022, and extorted more than $100 million from its victims around the world, officials said.”
From the cybersecurity breaches and vulnerabilities front,
- HIPAA Journal reports,
- “Verizon Business has released the findings from its inaugural Breach Impact Study, which focuses on the financial impact of data breaches. The BIS report is from the same authoring team as the Verizon Data Breach Investigations Report and was produced in partnership with CyberAcuView. The report is based on an analysis of around 70,000 U.S. cyber insurance claims, including 38,000 claims where the policies paid out. The data spans from January 2019 to October 2025.
- “In contrast to many data breach cost reports, the report is based on median claim amounts rather than averages, which are susceptible to skewing. In 2019, the median financial impact was around $60,000, rising by 80% to $110,000 in 2025, with data breach costs outpacing inflation, which was around 23% over the period of the study. More than half of paid-out claims exceeded $83,000, with 10% having an impact of $920,000 or more. The most extreme 2.5% of cases exceeded $5 million in losses.
- “The report shows that data breach costs almost doubled between 2019 and 2025, with business interruption the single largest loss driver, followed by loss to threat actor and response and recovery.”
- MedTech Dive relates,
- “Medtronic has begun to notify people who may have been affected by a cyberattack that was disclosed more than two months ago.
- “Medtronic provided the update in a statement posted to its website on Monday [June 29, 2026]. At this time, Medtronic has no evidence the data that was accessed has been publicly posted or exposed to the internet, according to the statement.
- “The company is providing 24 months of complimentary credit monitoring, dark web monitoring and identity theft restoration services. It is also setting up a dedicated call center to address questions for those affected.”
- Bleeping Computer tells us,
- “The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local, and private-sector partners.
- “The intrusion, first reported by Nextgov, was carried out by an unknown threat actor in recent weeks and is believed to have occurred sometime between late May and early June, according to two people familiar with the matter who spoke on the condition of anonymity.
- “DHS is currently investigating the attack and has reportedly not attributed it to any specific threat actor or foreign governments. Whether any documents were stolen from the system also remains unclear.”
- Cyberscoop informs us,
- “Toolkits to wage phishing campaigns are a now-venerable instrument for cybercriminals, but researchers recently turned up details on something like a full-fledged “business email compromise-as-a-service” platform.
- “Cisco Talos said Wednesday that it had found an operator panel dubbed ARToken, which shares infrastructure and other things in common with, and as an affiliate to, the EvilTokens phishing-as-a-service operation built to bypass multi-factor authentication and compromise Microsoft 365 accounts. EvilTokens has reportedly seen a dramatic increase in its phishing attacks — by 1,380% early this year compared to the same period last year — with an assist from artificial intelligence integration.
- “ARToken is notable, though, for the capabilities that go beyond what’s been made public about EvilTokens so far by companies like Sekoia and Microsoft itself, such as inbox rule manipulation and shared access links.
- “These features indicate the platform is more mature than a simple device code phishing kit — it is a complete BEC operations environment,” wrote Michael Kelley, security research engineer at Cisco Talos, in a blog post, referring to business email compromise scams that involve sending fake emails to solicit fraudulent payments.”
- and
- “Citrix published a security bulletin Tuesday [June 30] disclosing six vulnerabilities in NetScaler ADC and NetScaler Gateway appliances, including a high-severity memory disclosure flaw that researchers say belongs to a vulnerability class first identified in the 2023 incident known as CitrixBleed.
- “The company rated the overall bulletin severity as high and assigned CVSS scores ranging from 6.9 to 8.8 across the six CVEs. Citrix said customers should install the updated builds and, in one case, manually adjust a configuration parameter even after patching.
- “The most closely scrutinized of the vulnerabilities, CVE-2026-8451, was discovered by researchers at watchTowr, a cybersecurity firm that has published several prior analyses of issues in NetScaler products. According to a technical writeup the firm released alongside Tuesday’s disclosure, the vulnerability stems from how NetScaler parses SAML authentication requests when an appliance is configured as a SAML identity provider, a deployment mode commonly used for single sign-on.”
- CISA added two Known Exploited Vulnerabilities (KEV) to its catalog this week.
- June 29, 2026
- CVE-2026-48558. SimpleHelp Authentication Bypass Vulnerability
- Cybersecurity Dive discusses this KEV here.
- July 1, 2026
- CVE-2026-45659. Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
- Bleeping Computer discusses this KEV here.
- Bleeping Computer adds,
- “CISA confirmed on Monday that ransomware gangs have begun exploiting a high-severity Microsoft Defender privilege escalation vulnerability that has previously been abused in zero-day attacks.
- “Dubbed BlueHammer, the security flaw (CVE-2026-33825) was leaked by a security researcher known as “Nightmare Eclipse” in early April, together with proof-of-concept exploit code, in protest at how the Microsoft Security Response Center (MSRC) handles the disclosure process.
- “Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally,” Microsoft explains in a security advisory.”
- Dark Reading notes,
- “NIST has reduced the number of CVEs receiving enrichment in the National Vulnerability Database since April due to a growing backlog, impacting the data available to security teams.
- “Research from Volerion found that, between April 15 and June 15, only 6,759 out of 13,441 non-rejected CVEs published to the NVD received NIST enrichment, causing coverage gaps, delayed analysis, and reliance on inconsistent CVSS scores provided by over 500 CVE Numbering Authorities (CNAs).
- “Volerion’s analysis identified issues with timeliness, enrichment quality, and scoring discrepancies—especially in critical metrics such as attack complexity—potentially causing organizations to misjudge vulnerability severity and prioritize incorrectly.
- “The report urges organizations not to rely solely on NIST or CNA CVSS scores for risk assessment, recommending the use of diverse metrics and independent analysis for more accurate prioritization.”
- Security Week points out,
- “Cisco confirmed that a recently patched vulnerability in its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) has been exploited in the wild.
- “Tracked as CVE-2026-20230 (CVSS score of 8.6), the security defect is described as the improper validation of specific HTTP requests, which could allow attackers to mount SSRF attacks.
- “Successful exploitation of the bug could lead to arbitrary files being dropped to the underlying operating system, which could then be used to gain root access.
- “Only appliances with the WebDialer service enabled are vulnerable, Cisco says. The service is disabled by default.”
- Cybersecurity Dive adds,
- “Researchers say a critical vulnerability in Oracle E-Business Suite is facing exploitation attempts by a threat actor.
- “The vulnerability, tracked as CVE-2026-46817, is a flaw in the Oracle Payments, and has a severity score of 9.8.
- “If successfully exploited, an unauthenticated attacker with network access via HTTP would be able to compromise the product.
- “Researchers at Defused observed a hacker exploiting the flaw on its Oracle E-Business honeypots, according to a post on X. The activity was observed on June 27 from a French IP address, but researchers said the threat actor was using a VPN.
- “There has been no prior known exploitation activity or any release of a proof of concept, researchers said.” * * *
- “Oracle previously addressed the vulnerability as part of a larger series of security patch updates in May.”
From the ransomware front,
- Dark Reading reports,
- “The initial access broker (IAB) operation behind the credential-harvesting FortiBleed campaign is working in concert with ransomware actors, indicating the victims of the massive operation are now facing an even greater threat.
- “Research published by SOCRadar this week connects FortiBleed actors with two ransomware-as-a-service (RaaS) gangs, Inc Ransom and Lynx. SOCRadar researchers discovered an operator behind the campaign’s infrastructure that was actively logged into the ransom negotiation panels for both groups, and “engaging directly with ransom demands.”
- “Finding a single operator working both panels, using infrastructure traceable back to FortiBleed, is the clearest evidence yet that FortiGate credentials harvested through this campaign are being handed off, or used directly, for ransomware deployment,” according to the SOCRadar blog post.
- “The connection to ransomware gangs marks the latest development in this saga. The attacks against insecure Fortinet FortiGate firewalls were initially discovered last month by security consultant Volodymyr “Bob” Diachenko. SOCRadar then later found that the attacks were part of a global campaign it dubbed “FortiBleed,” which had compromised thousands of devices and used a Golang-based sniffer to turn firewalls into credential stealers.”
- and
- “An emerging ransomware campaign is targeting small businesses across multiple regions with fake Interpol notices designed to trick victims into downloading malware disguised as evidence of alleged criminal activity.
- “The campaign has so far targeted businesses in multiple sectors, including pharmaceuticals, food, agriculture, technology, media, and legal services in the US, Europe, Asia, and the Middle East.
- “Besides its focus on small businesses, the campaign is notable because it highlights how attackers no longer need sophisticated ransomware or the resources of a major cybercrime operation to launch disruptive attacks, Bitdefender said in a report this week. “Even relatively simple malware can become a serious threat when paired with convincing social engineering,” Bitdefender security analyst Alina Bizga wrote.”
- The Hacker News relates,
- “Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent.
- “Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing credentials, moving deeper into the network, then encrypting and wiping a company’s production database.
- “Ransomware has always needed a skilled person somewhere in the loop, either at the keyboard or writing the script the malware follows. If a model can chain those steps on its own, the skill needed to run an attack drops to whatever it costs to rent an AI agent.”
- “The way in was an old, already-patched bug. JADEPUFFER exploited CVE-2025-3248, a missing-authentication flaw in Langflow, an open-source tool for building AI apps and agent workflows. The flaw lets anyone who can reach the server run their own Python code on it, no login needed.” * * *
- “The fixes are familiar. Patch Langflow and never expose its code-running endpoints to the internet. Do not run AI tools with cloud keys and provider credentials sitting in their environment; keep secrets in a proper manager, away from anything the web can reach.
- “Harden Nacos: change the default signing key, keep it off the public internet, and never let it connect to its database as root. Never expose a database’s admin account to the internet, and lock down outbound traffic so a hacked server cannot phone home.”
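The hardening advice quoted above is checkable. What follows is an added example, not code from Sysdig, Langflow or Nacos: a small audit that parses a Nacos application.properties and a Langflow process environment and reports the conditions the article warns about (shipped-default JWT signing key, authentication off, database user root, no-login mode, cloud or model-provider credentials sitting in the environment). Assumptions: the Nacos property names nacos.core.auth.default.token.secret.key, nacos.core.auth.enabled and db.user.N; that the long SecretKey0123... value is the placeholder shipped in older Nacos builds; that Langflow's LANGFLOW_AUTO_LOGIN defaults to true; and the list of credential variable names. Verify each against your own versions before relying on it. The "lock down outbound traffic" item is a network-policy question and is not covered here.

```python
"""Audit a Nacos properties file and a Langflow environment for the weaknesses
named in the JADEPUFFER write-up. Added example with constructed inputs."""
import re

# Assumption: the placeholder JWT key shipped in older Nacos application.properties.
DEFAULT_NACOS_TOKEN_KEY = (
    "SecretKey012345678901234567890123456789012345678901234567890123456789")

# Assumption: credential variables an AI tool should never carry in its own environment.
CLOUD_CREDENTIAL_VARS = (
    "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "GOOGLE_APPLICATION_CREDENTIALS",
    "AZURE_CLIENT_SECRET", "OPENAI_API_KEY", "ANTHROPIC_API_KEY",
)

# Constructed weak configuration (the 'before').
WEAK_NACOS_PROPS = """
# constructed sample, not a real deployment
server.port=8848
nacos.core.auth.enabled=false
nacos.core.auth.default.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
db.num=1
db.url.0=jdbc:mysql://db.internal:3306/nacos
db.user.0=root
db.password.0=root
"""

# Constructed hardened configuration (the 'after').
HARDENED_NACOS_PROPS = """
server.port=8848
nacos.core.auth.enabled=true
nacos.core.auth.default.token.secret.key=Zm9yLWV4YW1wbGUtb25seS1yb3RhdGUtbWUtMzItYnl0ZXMtbWluaW11bQ==
db.num=1
db.url.0=jdbc:mysql://db.internal:3306/nacos
db.user.0=nacos_app
db.password.0=${NACOS_DB_PASSWORD}
"""

WEAK_LANGFLOW_ENV = {  # constructed process environment
    "PATH": "/usr/bin",
    "OPENAI_API_KEY": "sk-constructed",
    "AWS_SECRET_ACCESS_KEY": "constructed",
}
HARDENED_LANGFLOW_ENV = {"PATH": "/usr/bin", "LANGFLOW_AUTO_LOGIN": "false"}


def parse_properties(text):
    """Java .properties subset: key=value or key:value, '#'/'!' comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            key, sep, value = line.partition(":")
        props[key.strip()] = value.strip()
    return props


def audit_nacos(props):
    """Return human-readable findings for a parsed Nacos properties file."""
    findings = []
    key = props.get("nacos.core.auth.default.token.secret.key", "")
    if key in ("", DEFAULT_NACOS_TOKEN_KEY):
        findings.append("nacos: token secret key is empty or the shipped default; "
                        "anyone can mint valid admin tokens")
    if props.get("nacos.core.auth.enabled", "false").lower() != "true":
        findings.append("nacos: authentication disabled (nacos.core.auth.enabled != true)")
    for k, v in props.items():
        if re.fullmatch(r"db\.user(\.\d+)?", k) and v.lower() == "root":
            findings.append(f"nacos: {k} connects to the database as root")
    return findings


def audit_langflow_env(env):
    """Return findings for a Langflow process environment mapping."""
    findings = []
    # Assumption: Langflow treats an unset LANGFLOW_AUTO_LOGIN as true.
    if env.get("LANGFLOW_AUTO_LOGIN", "true").lower() == "true":
        findings.append("langflow: LANGFLOW_AUTO_LOGIN is true; UI and API usable without login")
    for name in CLOUD_CREDENTIAL_VARS:
        if name in env:
            findings.append(f"langflow: credential {name} present in process environment; "
                            "move it to a secrets manager")
    return findings


if __name__ == "__main__":
    for line in audit_nacos(parse_properties(WEAK_NACOS_PROPS)) + audit_langflow_env(WEAK_LANGFLOW_ENV):
        print(line)
```

The hardened inputs exist to show the audit going quiet once the key is replaced, authentication is on, the database user is unprivileged and the credentials are gone from the environment; they are not a complete hardening guide, and the randomised key in the sample is itself just a constructed placeholder to be regenerated per deployment.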
- Cyberscoop explains,
- “How ransomware syndicates weaponize corporate-style organization”
- “From outsourced labor to tiered pricing models, an inside look at how today’s top ransomware threats operate less like rogue hackers and more like Fortune 500 companies.”
- Cybersecurity Dive informs us,
- “A massive credential-harvesting campaign, dubbed FortiBleed, is linked to two ransomware-as-a-service operations, tracked as INC ransom and Lynx, according to a blog post Wednesday [July 2, 2026] by cybersecurity firm SOCRadar.
- “An operator with access to FortiBleed infrastructure was found to be logged into negotiation panels for INC as well as Lynx, researchers said.
- “In certain cases, the attacks may have involved exploitation of a vulnerability in a content collaboration platform called Nextcloud. The analysis is still ongoing, so a public advisory or common vulnerabilities and exposures number has not yet been assigned.
- “The Nextcloud issue appears to have been used as part of the attackers’ broader operational workflow, likely for expansion or infrastructure access after initial compromise,” Ensar Seker, CISO at SOCRadar, told Cybersecurity Dive.
- “Not all cases involved Nextcloud, nor was compromise fully dependent on exploitation of the zero day.”
From the cybersecurity business and defenses front,
- The Wall Street Journal reports,
- “Chinese artificial-intelligence systems have matched the performance of Anthropic’s powerful model Mythos in some cybersecurity scenarios, a development poised to reset the global tech race and pressure the White House in its overhaul of U.S. AI policy.
- “Security researchers said that a new AI model, released this month by China’s Zhipu AI, also known as Z.ai, can match the latest U.S. models when it comes to finding security bugs, although it still lags behind Anthropic’s and OpenAI’s products in other tasks.
- “Overall, the capability gap between top U.S. models and those built by Chinese companies has narrowed significantly, and use of Chinese AI systems has surged as businesses seek to rein in runaway costs. A host of companies, including Microsoft, are weighing how they can offer Chinese models on their platforms, a development that is set to alter the balance of power among tech companies.
- “China is making sure that the gap becomes smaller and smaller over time,” said Lior Div, chief executive officer of the cybersecurity company 7AI.”
- Dark Reading relates,
- “Red Hat and its parent IBM have committed an eye-popping $5 billion to Project Lightwell, a new subscription-based patching service for enterprises running business-critical systems that can’t risk the disruption of updating open-source software in production. It is the largest known commitment specifically targeting open-source software supply chain security — dwarfed only by Google’s broader $10 billion cybersecurity pledge in 2021, which also covered zero-trust and workforce training.”
- and
- “Apple is changing its approach to security patching, in response to the growing threat of accelerated artificial intelligence (AI) attacks.
- “The company has historically saved big, bundled sets of bug fixes for new versions of its operating system (OS). That’s set to change. The company released a variety of security updates June 29 for iPhones, iPads, MacBooks, and the Safari browser, untethered to any major version releases. It’s hardly the first time it’s released security updates out-of-band, but the motivation was different this time. According to Reuters, the company said “it was adapting to the reality that, given the ability of artificial intelligence to speed the development of malicious hacking tools, it needed to reduce the time between when updates were first made public and when they were put into customers’ hands.”
- Tech Target discusses “The agentic AI ‘lethal trifecta’: What CISOs should know.”
- “The very capabilities that make an AI agent useful also make it dangerous. Here’s what CISOs should know about the agentic AI lethal trifecta, and what they should do about it.”
- Security Week explains “How to Conduct a Successful Audit of AI-Driven Software Development.”
- “As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production.”
- Here’s a link to Dark Reading’s CISO Corner.
