Normal view

Today — 1 July 2026Main stream

That free VPN Chrome and Firefox extension may be reading your clipboard every half a second, researchers warn

  • Researchers found "VPN Go" extensions for Chrome and Firefox secretly harvesting copied text
  • The clipboard theft was not there at launch and arrived through a later update
  • Anything copied while the extension was active should now be treated as exposed

Security researchers at Socket found two browser extensions distributed under the "VPN Go: Free VPN" branding, one listed on the Chrome Web Store and one on Firefox Add-ons, to secretly harvest copied text.

Both present themselves as free VPN tools with working proxy features. Underneath, Socket says, both also run a clipboard stealer that continuously watches copied text and sends it to infrastructure controlled by the attacker.

According to Socket, the clipboard theft was not present when the extensions first appeared. It was added later, through an ordinary-looking update, after the extensions had already built up a base of trusting users. That staged approach is exactly what makes this kind of threat so hard to spot, and why even a fairly cautious user can end up exposed.

For anyone weighing up a no-cost privacy tool, it is worth knowing that not every free option behaves like this, and the best VPN services are tested precisely so you do not have to take this kind of gamble. But this case shows how thin the line can be between a useful free extension and a data-harvesting one.

What Socket's research uncovered

VPN Go in Chrome Web Store

(Image credit: Chrome)

Socket says the earliest analyzed builds behaved like ordinary proxy extensions, with no confirmed clipboard theft.

On Chrome, that changed with version 1.1, when the extension added a script that reads the clipboard and ships those chunks off to a hardcoded address. The Firefox version followed the same path slightly later, moving the same theft loop into its background script.

Once active, the monitoring is relentless. The Chrome content script checks the clipboard roughly every half a second, according to Socket's analysis, while the Firefox build polls every 1.5 seconds.

Each newly copied value is tagged with a session identifier so it can be reassembled on the other end, then sent out over plain HTTP. All of this was happening while the two apps' privacy policies stated that the tools did not collect, store, or share user data and did not keep activity logs.

TechRadar has reached out to VPN Go for comment, but both email addresses bounced, and both extensions have since been pulled from their stores.

Why clipboard stealers are dangerous for users

The reason clipboard theft is so effective is that it abuses something completely routine. People copy and paste sensitive information all day, and it's not careless to do so. Password managers rely on exactly that: copying long, unique passwords into your accounts.

An extension that can silently read the clipboard has access to all of this information; it just has to wait for you to copy the right thing. If you have used either of the two extensions in question, you should treat any information you've copied during that time as exposed.

Researchers have repeatedly found free VPN extensions doing things their users never agreed to. Recent reporting has covered a free Chrome VPN extension caught taking screenshots of every page its users visited, and a malicious free VPN extension that resurfaced after being removed, returning in a more evasive form.

The pattern is consistent enough that it is worth treating any unknown free VPN extension with caution by default. That caution matters: TechRadar's own polling found that nearly 1 in 4 readers use free VPNs despite knowing the risks.

How to stay safe

If you want the protection a VPN offers without rolling the dice, stick to providers with a track record and independent testing behind them.

A reputable paid service, or one of the carefully vetted best free VPN options, is a far safer bet than an unknown extension promising unlimited access for nothing. As the saying goes, when the product is free, there is a decent chance that you are the product.

This new tool can let you ask Claude if that 'too good to be true' online offer is actually a scam

  • Norton's scam detection tools are now available in Claude and ChatGPT
  • Users can ask their preferred AI chatbot about the legitimacy of an email, text, website
  • Most threats consumers face now come from scams, phishing and fake ads

Claude is the latest AI assistant to get access to Norton's Genie scam detection tool following its available for ChatGPT customers earlier this year.

Available across all Claude subscription tiers, Genie gives users access to scam detection capabilities and other cyber safety tips and advice.

Norton says its tool can analyze suspicious emails, texts, messages, images and links using its "multi-layered" detection intelligence.

Norton scam detection now available in Claude, ChatGPT

"AI assistants are becoming part of how people make decisions and evaluate information online," Head of Products and Portfolios Travis Witteveen noted, hinting that the increased prevalence of AI assistants.

"By bringing Norton Genie into even more AI platforms like Claude and ChatGPT, we’re making trusted Cyber Safety intelligence available directly in those moments to help people make more confident decisions in real time."

The company explained that Genie looks for language patterns, social engineering tactics, urgency cues, impersonation attempts, and requests for sensitive information. It also checks URLs and analyzes domains to confirm whether a user should click on the link.

When the tool launched for ChatGPT in March 2026, Norton described it as the "world's first AI-powered scam detector." Users can start conversations by tagging @Norton and asking questions like whether an email looks legit or if an online offer looks like a scam.

The company's own reporting reveals that nine in 10 threats targeting people in 2025 came from scams, phishing and fake advertisements.

So far, Norton looks to be the only security company offering direct AI chatbot integration to provide accurate insights into threat detection.

Google logo on a black background next to text reading 'Click to follow TechRadar'

US Secret Service personnel are putting the lives of America’s VIPs at risk by refusing to use government-issued phones — but they might not be up to the job in the first place

  • US Secret Service personnel are using personal devices while conducting official business
  • Personal devices are not secured against the threats faced by Secret Service members
  • But government-issued devices aren't equipped for the needs of Secret Service members either

The Department of Homeland Security inspector general has released a new report which claims the US Secret Service is refusing to use government-furnished equipment (GFE), such as smartphones, because they are not suitable for mission operations.

The report states GFE fails to “ensure real-time, continuous protection from cyberattacks by foreign adversaries or individuals” with the equipment found to contain multiple third-party apps with security vulnerabilities that could expose communications.

In order to be able to perform effectively, Secret Service members are using personal devices to communicate with law enforcement and each other during missions, but many personal devices are not secured against the threats faced during the protection of America’s VIPs.

US government struggles to secure issued phones

But using personal devices in professional operations is also highly unsecure. These devices often contain the whereabouts of Secret Service personnel and the targets they are protecting during missions at home and abroad.

Furthermore, the devices only have the consumer level of cyber protections. As they are not managed or operated by the US government, there is very little protection against commercially available spyware or malware.

In some cases, personnel used their personal devices as a hotspot for their GFE, or used their personal devices to access websites otherwise blocked on their GFE.

The report explains: “If a personal device is jailbroken, infected with malicious code, or not up to date on security software, an adversary could intercept device communication. Outdated and vulnerable apps could enable malicious actors to conduct surveillance, track locations, or record employees’ communications. Connecting to unsecured networks may also allow cybercriminals to access data or install malware.”

The main culprit behind Secret Service personnel choosing not to use GFEs was found to be the Secret Service’s Office of the Chief Information Officer (OCIO). According to the report, “GFE mobile devices lacked mission-critical capabilities because Secret Service OCIO’s process for assessing and approving requests did not always correctly identify operational needs.”

Additionally, the expected protocol for most Secret Service members was to use personal devices, so many avoided navigating the bureaucracy of requesting access to communications apps on their GFE, which in return created a blindspot for the OCIO who were not aware these apps were already being used at such a scale.

The report further found that no Secret Service GFE was equipped with Mobile Threat Defense software until August 2025, leaving them exposed to “malicious software,

cyberattacks, and other vulnerabilities.” Critical data was also retained on GFE devices after operatives returned from missions abroad, despite policy stating that devices should be wiped within 24 hours of returning to the US.

Ultimately, the report makes five key recommendations to the Secret Service in order to improve the security of its operators:

  • Introduce a formal policy that ensures all GFE are issued with the required capabilities and software for each mission
  • Ensure all employees complete the required cybersecurity training
  • Ensure the Secret Service OCIO clearly communicates its guidance that personal devices are forbidden from use during official business
  • Ensure controls are implemented to wipe devices in line with OCIO policy for returning personnel
  • Subject all GFE mobile app code to an updated vulnerability testing policy

Yesterday — 30 June 2026Main stream

Microsoft takes down over 100 malicious Edge extensions hiding malware in images and fonts

  • 119 malicious Edge extensions flew under the radar
  • They installed harmful code days after extension installation
  • It's proof that static code review is no longer sufficient

Microsoft says it has taken down 119 malicious extensions from the Edge Add-ons store after "proactive threat hunting" revealed a campaign that's been dubbed StegoAd.

As part of the program, the company also had to suspend more than 90 developer accounts associated with the dodgy activity.

Believed to have been active since at least 2021, it's believed that the malicious browser extensions had been downloaded a total of 2.6 million times.

Microsoft removes 119 'StegoAd' malicious extensions

The campaign was so broad that the extensions didn't just occupy one category: ad blockers, VPNs, video downloaders, translators and utility tools like PDF exporters were all ploys for the malicious extensions.

This particular campaign got its name from the type of tactic used – steganography is the name given to hiding malicious code inside seemingly harmless files. PNG images, SVG graphics and font files had hidden JavaScript embedded inside to bypass traditional antivirus tools and web filtering.

Once installed, Microsoft says they remained dormant for three to five days to avoid detection before going on to steal browser credentials, redirect users to malicious websites, manipulate affiliate links for financial gain, download additional malicious code and even communicate with C2 servers for updated instructions.

"The StegoAd campaign demonstrates that browser extensions remain a potent and evolving attack surface," Microsoft wrote, admitting that even its own safeguards had missed these dodgy extensions.

The report also concludes that static code review alone is no longer sufficient, because extensions and other installations can download malicious code long after they were first installed.

For developers themselves, Microsoft recommends being as clear as possible by not obscuring code, requesting only the necessary permissions to build trust, and report any suspected impersonation.

Google logo on a black background next to text reading 'Click to follow TechRadar'

Nearly 400 illegal World Cup 2026 streaming sites taken offline by US DOJ

  • US DOJ has seized nearly 400 domains
  • The sites were being used to illegally stream World Cup games
  • Users of the sites were exposed to malware, data theft, and other threats

Almost 400 domains have been seized as part of Operation Offsides - a coordinated global effort to take down sites illegally streaming the FIFA World Cup 2026.

The sites were seized by the US Justice Department's Criminal Division for violating copyright and intellectual property law.

The takedowns were coordinated by members of the International Computer Hacking and Intellectual Property (ICHIP) network.

US and friends enforce the offside rule

Many of the seized domains now display a banner explaining that the website was seized as part of Operation Offsides. “This action was taken to protect consumers and enforce intellectual property rights worldwide,” the banner states.

A screenshot of the banner uploaded to domains seized by the US DOJ that were illegal streaming 2026 FIFA World Cup games.

(Image credit: U.S. Justice Department)

Back in May 2026, the FBI warned that thousands of domains were being registered ahead of the World Cup, with most set up with the intention to scam fans looking for cheap tickets, access to streaming services, and those looking for discounted merchandise. It appears that Operation Offside was focused on disrupting streaming sites in particular, rather than taking down the wider scam networks associated with these domains.

“We have seized hundreds of domains, used to illegally stream World Cup matches for profit, to disrupt the international networks that profit from the global popularity of the World Cup,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division.

“This operation illustrates the Department’s respect for intellectual property rights and the responsibility of the United States as a host nation to protect the FIFA World Cup from criminals. The Criminal Division will continue to disrupt and, where appropriate, seek to prosecute these sites and the subjects responsible for this criminal activity.”

In many cases, the networks of fake domains offering cheap or free access to streaming services are run by cybercriminals deliberately operating at a loss in order to attract users to their services. In return for accessing the streaming site, the domain will use the user’s local network as an exit node for the cybercriminal network, obscuring their traffic and making it appear legitimate.

Unfortunately for the user, who may think they have just found free access to every World Cup game, their network and IP address could be used to distribute malware, cybercriminal communications, and illegal content such as stolen data and exploitative materials - including child sex abuse material.

Before yesterdayMain stream

FBI warns of Russian Intelligence phishing campaign abusing Signal support services to target VIPs and high-value government and military targets — this is how to secure your account

  • Russian Intelligence are targeting Signal accounts of officials based in Ukraine
  • They pose as Signal support services and ask users to submit their Backup Recovery Keys
  • Using these keys, the hackers can hijack the users account and any other accounts created using the same mobile phone number

The FBI has warned Russian Intelligence Services are posing as commercial messaging application support services in order to steal Backup Recovery Keys belonging to targets of high value in the military and government of the US, Europe, and Ukraine.

In a joint warning alongside the CISA and the Security Service of Ukraine (SSU), the FBI outlined the new phishing campaign which seeks to access messaging accounts in order to perform intelligence gathering of secret information.

Specifically, the FBI provided sample phishing lures targeting users of the Signal messaging app. If the hackers successfully lure a victim into sharing their Backup Recovery Key, they can access the account's message history, private and group messages, and fully take over the victim's account.

Russian Intelligence pose as Signal support services

In the FBI warning, the phishing techniques are further detailed. The Russian Federal Security Service (FSB) are targeting government officials, military personnel, political figures, journalists, and key officials from the US and Europe located in Ukraine.

The attackers send emails that appear to be automated messages from Signal, asking users to turn on their message backup using their Backup Recovery Key. Victims are provided with false instructions that instead send the Backup Recovery Key to the attacker, who can then use the key to take over the victim’s account.

Example phishing messages used by Russian Intelligence, supplied by the FBI

Example phishing messages used by Russian Intelligence to obtain Backup Recovery Keys (Image credit: FBI)

In order to establish urgency and trust that the message is legitimate, the attackers posed the phishing message as a protection against recent hacking attempts from “Iran and post-Soviet countries.” In another sample message, the attacker's message says that the victim’s account data “is at risk of permanent loss due to a sync issue.”

If a victim shares their unique Backup Recovery Key, it allows the attacker to hijack their current Signal account alongside any subsequent accounts made with the same phone number.

For users who may fear their Backup Recovery Key has been compromised, users are instructed to use Signal settings to create a new Backup Recovery Key. This new key will invalidate all previous Backup Recovery Keys and prevent account takeover if the previous key was leaked.

In order to avoid falling victim to phishing messages, there are several ways to stay safe:

  • Support services will generally only communicate with users via an official company email address. Always carefully check communications from the legitimate email address.
  • Customer support will never request that you supply your Backup Recovery Key via the application
  • You will never be asked to verify or restore your account via an automated customer support message

In order to further protect your Signal account, or other accounts, against phishing, users should consider the following:

  • Use a passkey wherever possible. This will use your device’s built in biometric verification methods to authenticate your login.
  • Use phishing resistant multi-factor authentication where possible
  • Always double check messages and emails are legitimate, and are using an official company email
  • Never supply your Backup Recovery Keys unless you are actively attempting to regain access to your account via a legitimate service

Over 14 million login credentials leaked from six ISPs in major data breach — here’s what we know

  • Tens of millions of credentials may have been leaked following an attack on one of Japan's largest ISPs
  • The attack leveraged a vulnerability in a third-party software used by KDDI
  • Five other ISPs were also affected in the attack

A data breach that has potentially exposed the email and password combinations for over 14 million customers across six internet service providers (ISPs) has been disclosed by Japanese telecoms provider KDDI Corporation.

According to the company, hackers exploited a vulnerability in a third-party software to access the database of credentials. KDDI said that it immediately blocked the hackers' access after discovering the intrusion on June 17, 2026.

“Although technical defensive measures have already been implemented for the system, there remains a possibility that customers' email addresses and passwords were obtained by unauthorized third parties as a result of the incident,” the company said in a statement.

Millions of credentials exposed

Unfortunately, the breach was not confined to just KDDI. The email services of five other ISPs were also affected by the breach:

  • STNet, Inc.
  • JCOM Co., Ltd.
  • Chubu Telecommunications C., Inc.
  • NIFTY Corporation
  • BIGLOBE Inc.

KDDI is yet to finish a formal investigation into the attack, but said that the hacker may have gained access to the emails addresses and passwords for 14.22 million current and former customers. The company also said that some of the passwords were stored in an encrypted format, and so will be inaccessible for the hackers, but the company did not say how many were stored in this manner.

Since discovering the breach, KDDI has also been working alongside the affected ISPs to secure systems and put in place mitigation measures to counter the abuse of exposed account credentials.

In order to stay protected, customers have been advised to change their account passwords and implement two-factor authentication.

Breaches such as these are particularly dangerous because they expose email and password combinations. As most people will have either one or two email addresses across their accounts, it increases the likelihood that hackers can attempt to use the exposed email and password combinations to try and access other accounts created with the same email.

This is especially true if the same password (or a variant thereof) is used across multiple accounts. Hackers can use brute force techniques to try hundreds of password combinations in a very short amount of time in order to crack weak or reused passwords.

When creating or updating a password for any account, no matter how infrequently it is used, always create a strong unique password. Password managers can create and suggest strong passwords, securely store them, and automatically fill login forms to take the hassle out of remembering passwords.

Alternatively, some services offer the ability to login using a passkey, which utilizes the built-in biometric authentication mechanisms of your device such as a facial scan or fingerprint. These login methods not only remove the need to type in passwords, but also reduce the possibility of hackers accessing your account through phishing attacks.

Via BleepingComputer

Watch out — that income tax form could actually be dangerous malware

  • Fake tax notices are becoming delivery vehicles for sophisticated remote access malware
  • Attackers hide malicious code behind convincing government branding and legal references
  • The malware quietly establishes encrypted communication with servers outside the country

A new phishing campaign is using fake income tax assessment notices to deliver dangerous malware to unsuspecting victims across India.

Researchers at CYFIRMA identified the operation, which relies on a fraudulent website built to resemble official communication from the Indian Income Tax Department closely.

The fake portal, hosted on a recently registered domain, presents a convincing assessment order complete with legal references, financial penalties, and urgent compliance language designed to pressure recipients into acting quickly.

How the infection unfolds

Victims who interact with the fake notice are prompted to download a ZIP archive disguised as official assessment documentation and supporting calculations.

Once extracted, that archive reveals a disk image file functioning as a container for the actual malicious payload.

Inside sits a loader program that quietly triggers a second component, a DLL file disguised to resemble a legitimate Windows service.

Researchers found that this loader uses reflection-based techniques specifically built to make automated detection and analysis considerably more difficult.

Both files were obfuscated using a known protection tool, further complicating efforts by security teams to inspect the code.

Once active, the payload behaves like a Remote Access Trojan, granting attackers persistent, encrypted access to the infected machine.

It can collect system details, monitor user activity, check which security software is installed, and silently load additional malicious components on command.

Communication with the attacker's server happens over an encrypted channel, using a hardcoded address traced to infrastructure based in Hong Kong.

These capabilities point toward a financially motivated operation, rather than one focused on immediate damage or disruption, and they closely resemble traits associated with known commodity RAT families such as XWorm.

However, researchers note that conclusive attribution to a specific threat actor remains unconfirmed at this stage.

Why this campaign matters

This is not an isolated phishing attempt but part of a broader pattern of attackers exploiting tax season anxiety to bypass user caution entirely.

CYFIRMA's findings show the same loader-and-payload architecture has previously been linked to ransomware operators, suggesting this infrastructure may serve more than one type of attack depending on the victim.

Up-to-date antivirus software with behavioral detection remains one practical defence against this kind of staged, multi-component malware delivery.

Security researchers recommend that individuals verify any tax-related correspondence directly through official government channels rather than clicking embedded links.

Organizations are advised to restrict the execution of unknown files arriving through archives or disk images, since this campaign relies heavily on that exact delivery method to succeed.

Google logo on a black background next to text reading 'Click to follow TechRadar'

GTA VI fans beware — experts warn 'a new wave of scam websites' is offering early access, but just stealing your bank details instead

  • Fake GTA VI beta keys are already draining cryptocurrency wallets worldwide
  • AI-generated scam websites now imitate Rockstar branding with alarming accuracy
  • Malware hidden inside fake game downloads can expose banking credentials instantly

Grand Theft Auto VI is not due on consoles until November 19 2026, but official preorders open soon, and cybersecurity researchers have warned criminals are already exploiting the wait with a coordinated wave of fraudulent websites.

Malwarebytes and NordVPN have both flagged sites promising "VIP early access" or exclusive beta keys to one of gaming's most anticipated releases.

The schemes ask victims to hand over money, personal information, or both, often before any real product changes hands.

How the scam works

Some fraudulent sites ask players to pay a few hundred dollars in cryptocurrency for a so-called VIP beta key. This method makes refunds or fraud reports practically impossible once the payment clears.

According to Stefan Dasic of Malwarebytes, GTA VI is "the perfect bait" that can be used by cybercriminals.

The franchise sold hundreds of millions of copies and went 13 years without a new entry — conditions that make hype, and therefore impatience, unusually intense.

Gerald Kasulis of NordVPN said scammers now use AI to mimic Rockstar's official branding so convincingly that polished emails and websites slip past a gamer's usual scepticism.

Some pages invoke the phrase "help us build Vice City," a reference to the game's fictional setting, to create a false sense of insider access.

Victims are sometimes directed to download software branded as an early build, including one fake file called GTA Mobile 6.

According to researchers, this file contains malware capable of letting fraudsters remotely access the victim's device, often bypassing antivirus software.

NordVPN has separately traced some of these fraudulent domains to a wider network with a documented history of spreading banking trojans, infostealers, and ransomware.

Other variants simply harvest names, addresses, dates of birth, or existing GTA login credentials, data that can then be resold.

Several of these scam sites even target PC and Android users, despite Rockstar never confirming that those versions exist yet.

Who is being targeted?

The typical victim tends to be someone too young, too eager, or simply underinformed, and primarily driven by a desire to be first in line for the game.

However, Malwarebytes' assessment of the scam wave reveals that the trick itself is rarely sophisticated, yet it consistently fools people regardless of age.

The character of those falling for these scams goes beyond simple naivety, since urgency and curiosity are what scammers are really exploiting across these campaigns.

Younger players and newcomers to online gaming appear especially exposed, given their relative unfamiliarity with how official preorder and beta access processes normally function.

Neither company has data on exactly how many people have visited these sites or lost money so far.

Rockstar Games has not responded to requests for comment on the ongoing scam wave or its impact on players.

Security researchers are urging anyone tempted by claims of early GTA VI access to pause and verify the source before entering any personal or financial details.

Players who have already entered credentials or payment information are advised to change their passwords immediately.

They should also contact their bank without delay, since cryptocurrency payments in particular cannot be reversed once sent.

Via PCGAMER

Google logo on a black background next to text reading 'Click to follow TechRadar'

NAIC confirms data breach with ShinyHunters claiming 3.1TB of data stolen in Oracle zero-day attack

  • NAIC confirmed a cyberattack exploiting an Oracle PeopleSoft zero‑day, with ShinyHunters claiming theft of 3.1TB of data
  • Stolen cache allegedly includes insurer filings, credit rating files, AWS logs, configs, and PII; NAIC says only financial reports and technical data were taken
  • Incident spotted June 11, disclosed June 17; files leaked online suggest NAIC did not pay ransom, as ShinyHunters continues exploiting the zero‑day across 100+ organizations

The National Association of Insurance Commissioners (NAIC) confirmed suffering a cyberattack that resulted in the stolen data being leaked on the dark web. While the company did not name the group responsible, or mentioned the size of the stolen cache, the infamous ShinyHunters claimed responsibility and stated they snatched around 3.1TB of information.

In a security notice published on the NAIC website, it was explained that the attackers managed to exploit a zero-day vulnerability in Oracle PeopleSoft. This is an enterprise resource planning (ERP) software suite, designed to help businesses manage employees, finances, supply chains, and more. Citing Google Mandiant, Cybernews says ShinyHunters first started exploiting the zero-day on May 27, and managed to compromise more than 100 organizations and 300 individuals, before Oracle finally pushed an emergency update on June 10.

Among the victims, as we now know, is NAIC, whose PeopleSoft environment was compromised, and used to obtain credentials and move laterally to internal data storage locations.

ShinyHunters step forward

Based on NAIC’s investigation, the stolen information includes publicly available statutory financial reports, insurer investment credit rating data, and some technical information such as outdated logs and configuration files. There is no evidence that personal information, banking information, or payment data was accessed, it said.

NAIC spotted the attack on June 11 and immediately launched its incident response protocol, which includes notifying law enforcement, blocking malicious actors, and bringing in third-party security experts. The Commission disclosed the incident on June 17, a day before ShinyHunters went public.

The notorious ransomware gang claims to have taken more than 264,000 insurer regulatory filing documents, 2,000 customer and bulk orders containing personally identifiable information, some 45,000 files from major credit rating agencies, statutory annual and quarterly financial statements submitted by insurers, production AWS infrastructure logs, cloud configuration files, and workload automation data, and SQL scripts.

Since the files were seemingly leaked online, it’s safe to assume that NAIC did not (want to) pay the ransom demand.

Via Cybernews

Prediction market giant Polymarket hit by cyberattack, with company confirming user funds stolen — here is what we know

  • Polymarket prediction platform was hacked via a compromised third‑party vendor dependency, injecting malicious scripts into its frontend
  • Around $3M in crypto stolen from ~11 users, according to PeckShield; Polymarket is refunding victims in full while removing the affected dependency
  • Community reactions on X were critical, with some blaming prior “taunting hackers”; one victim speculated the breach may have involved Xorek Cloud’s VPS

Polymarket, a prediction platform where people trade on the likelihood of different real-world events, got hacked and allegedly lost around $3 million in user funds. The company is now refunding the victims in full.

In a short post published on X earlier this week, Polymarket confirmed the news, saying it discovered that a third-party vendor had been compromised. Through that compromise, the attackers injected a malicious script “into our frontend for some users.”

Since then, Polymarket said it contained the incident and removed the affected dependency but did not say which dependency it was. It did not say which third-party vendor was compromised. Furthermore, it said it is currently contacting impacted users and refunding them in full, but did not state how many people were affected, or how much money is involved.

Context-dependent vulnerabilities

This morning we discovered a 3rd party vendor had been compromised, injecting a malicious script into our frontend for some users. We've contained it & removed the affected dependency. We're contacting impacted users & refunding them in full.June 25, 2026

In its write-up, TechCrunch cited blockchain monitoring firm PeckShield, which claims that around $3 million in cryptocurrency was stolen in the attack. The publication also reported that around 11 people were affected. Polymarket allows its users to be paid in crypto.

X users who left comments on Polymarket’s announcement seem utterly unsurprised by the breach. “I spent weeks telling you this and you ignored it,” one person said. “The next time l find a vulnerability, l will sell it to criminal gangs.” Three users suggested Polymarket deserved what had happened for “taunting hackers” in the past. One made a sly joke saying, “how did you not predict this?”

Polymarket did not say which third-party vendor was compromised, but one of the users who lost funds in this attack speculates it happened through Xorek Cloud’s VPS:

“I recently bought a VPS from Xorek Cloud and stored my private key on it,” they said on X. “I'm not sure how the compromise happened, but that's the only possible security risk I can think of.”

Via TechCrunch

Less than one in ten of cybersecurity pros trust AI testing tools to find vulnerabilities, with over three-quarters say their AI vulnerability scanning tools missed critical flaws

  • Cobalt’s 2026 State of Pentesting Report shows confidence in fully automated AI testing collapsed from 29% in 2025 to 9% this year
  • 78% of respondents saw automated tools miss critical vulnerabilities; LLM flaws proved complex, with MTTR rising from 19 to 36 days and most issues left unresolved
  • Hybrid models surged to 47% adoption, as experts stress automation should complement, not replace, elite human expertise in uncovering business logic risks

As the world praises Mythos, and the Chinese rush to create their own variant, a report painting an entirely different picture comes from Cobalt.

The cybersecurity company just published the Cobalt State of Pentesting Report 2026, based on two comparative surveys, one in 2025 and one in 2026. Polling around 450 cybersecurity professionals, Cobalt wanted to see how confident the cybersecurity community is in automated AI testing for vulnerabilities and it turns out - not that much.

Last year, just below a third (29%) relied entirely on AI automation for testing. This year, the figure dropped to 9%. Cobalt suggests that the key reason for such a steep drop in confidence is the fact that 78% saw fully automated scanning tools missing critical vulnerabilities. Another key reason is the complexity of the AI attack surface the scanners are testing.

Context-dependent vulnerabilities

Roughly one in three findings from an AI pentest are rated “high-risk” - which is 2.7 times the average of conventional software, it was said. Also, at the time of analysis, less than two-fifths (38%) of LLM vulnerabilities were fixed, while 62% remained open. Mean time to resolve (MTTR) for AI/LLM security issues rose from 19 days to 36 days.

“LLM vulnerabilities are deeply context-dependent and invisible to tools that lack an architectural understanding of the application,” said Andrew Obadiaru, CISO of Cobalt. “To close the validation gap, automation should be deployed exactly where it excels, but elite human expertise remains foundational to uncovering and remediating the most complex business logic risks.”

It took the cybersecurity community less than a year to almost completely abandon fully automated AI testing and replace it with a hybrid model - something around 47% said they now prefer. This model has surged 22% year-over-year, while the percentage of organizations using automation for low-risk environments also increased to 47%.

“While the industry is rightfully excited about the potential of Mythos-class tools, unguided algorithms are inherently prone to returning even more false positives and costly false negatives than the automated scanners we have today,” continued Obadiaru.

Via Infosecurity Magazine

Hackers are establishing persistence in hospitality and hotels by posing as guests with poisoned ZIP archives, but no one knows what their plan is

  • Microsoft Threat Intelligence warns of a phishing campaign targeting hotel staff in Europe and Asia with guest complaint‑themed emails
  • Attackers abuse services like Calendly and Google redirects to bypass authentication checks, delivering photo‑themed ZIPs that install a persistent Node.js implant
  • Malware disables Defender, runs C2 beaconing, gathers system info, and forces shutdowns; signs include unusual PowerShell activity, Node.js execution, and suspicious registry entries

Hackers are establishing a foothold on hotels and hospitality organizations across Europe and Asia, but no one really knows what for, at least not yet.

This is according to Microsoft Threat Intelligence, who recently published a new report saying that since April, it’s been tracking an active phishing campaign. In this campaign, the unnamed attackers target front desk, reception, and reservations staff with emails about guest complaints, room conditions, bedbug infestations, booking inquiries, and similar.

The messages, sent in different languages (Danish, Dutch, Japanese), are not distributed directly. Instead, the crooks abuse legitimate services such as Calendly, and Google’s redirect infrastructure, which helps them pass SPF, DKIM, and DMARC authentication checks.

Tricking Defender

This “authentication laundering”, as Microsoft puts it, results in photo-themed ZIP archives making their way directly to their victims. The archives contain a fake image shortcut (.LNK) files that, at a glance, appear to be harmless .PNG images. However, these files launch a sophisticated multi-stage infection chain that installs a persistent Node.js-based implant.

After being deployed, the malware tweaks Microsoft Defender to exclude itself (and other, randomly named executables) from scanned processes, downloads additional payloads, and copies itself into different places.

On compromised systems, Microsoft observed the malware running command-and-control beaconing, gathering environmental information such as the victim's public IP details, launching headless browser sessions, and in some cases forcing immediate system shutdowns. While it could not say what the goal of the campaign is, it all points to a reconnaissance stage that usually comes before a more disruptive malware or ransomware attack.

Microsoft recommends organizations focus on detecting the campaign's behavior rather than individual indicators. Key signs include photo-themed ZIP archives, unusual PowerShell activity, unexpected Node.js execution from user profile directories, .NET compilation initiated by PowerShell, and Defender exclusion changes.

Furthermore, there are random executables running from temporary folders, suspicious Run and RunOnce registry entries, outbound connections on the campaign's non-standard ports, connections to newly registered .cfd domains, and combinations of headless browser activity followed by forced shutdown commands.

Unnamed hackers steal stolen data from Icarus hackers responsible for Klue supply chain hack — and yes, it's as confusing as it sounds

  • Klue recently suffered a cyber attack at the hands of Icarus
  • Icarus was apparently deleting the stolen customer data
  • An unnamed group claims to have stolen the data from Icarus, and is now extorting Klue customers directly

Earlier this month, market research provider Klue suffered a cyberattack with the knock-on effects hitting major companies such as LastPass, Gong, Jamf, HackerOne, Huntress and others.

Klue has since revealed it is in contact with the Icarus ransomware group, who claim to have been in possession of stolen data and were threatening to leak the data in an attempt to extort the company.

But a second, unnamed group has emerged, which claims to have broken into a member of the Icarus group’s environment to steal the customer data stolen by Icarus from Klue. This second group is now apparently attempting to extort Klue customers directly, much to the annoyance of Icarus.

Hackers hacked by hackers

An update shared privately with Klue customers on Wednesday night and seen by TechCrunch said, “We continue to communicate with the threat actor we have been in contact with (‘Icarus’). Icarus told us they are taking steps to delete the data taken from Klue customers. The Icarus site remains down and we have indications that Icarus is indeed taking steps to delete data taken from Klue customers.”

Icarus later informed Klue that the second group was attempting to extort Klue customers using the same data, having posted a list of affected companies on its own website. Alongside this list, they also claimed to have stolen the customer data from Icarus, after one of the Icarus group accidentally allowed the group to connect to the server hosting the stolen data.

Although there is no evidence that Klue has paid the Icarus group, the unnamed group also posted a statement that an “Icarus operator who is a teenager living somewhere in the UK or adjacent countries” had been paid by Klue to delete the stolen data.

A further communique issued by Klue to its customers said that it had been reassured by Icarus that the unnamed group only had samples of the stolen data, not the full set. It also said that, “Icarus has asked us to inform Klue customers to not make payment to this other party.”

Klue also suggested that its customers should ask the second group for random samples of their data to prove whether or not they actually had obtained the full set of stolen customer data.

This macOS malware can avoid AI analysis with gaslighting prompts hidden inside its architecture

  • SentinelOne uncovered macOS malware “Gaslight” that uses prompt injection to mislead AI‑assisted triage tools during analysis
  • Beyond standard backdoor and infostealer capabilities, it embeds fake Markdown “system” messages to trick LLMs into halting investigation
  • Researchers warn defenders to treat malware samples as adversarial input and isolate AI pipelines, as more analyst‑targeting prompt injection is expected

We’ve seen prompt injection in websites and emails, but what about - malware samples? Security researchers SentinelOne recently published an in-depth report on a newly uncovered piece of macOS malware called Gaslight that, as the name suggests, tries to gaslight AI-assisted triage agents into stopping the analysis.

The malware itself is nothing out of the ordinary: it infects the device by whatever means necessary (usually phishing and social engineering), connects to attacker-controlled infrastructure via Telegram, and then executes different commands such as profiling the device, running arbitrary shell commands, stealing files, or terminating processes.

It also delivers a stage-two malware that acts as an infostealer, pulling passwords, sensitive PDFs, cryptocurrency wallet information, and more.

Weaponizing LLM-assisted triage pipelines

But where Gaslight stands out is its defenses against AI-powered malware analysis. According to SentinelOne, the malware contains a large block of fake Markdown-formatted "system" messages designed for AI assistants that security researchers may use during reverse engineering. These messages claim things like “the AI's authentication token has expired”, “the analysis environment is running out of memory”, “disk space has been exhausted”, “static analysis is unsafe”, and similar.

While a human analyst would definitely recognize these fake messages even at a glance, an LLM that isn’t properly isolated from untrusted input could interpret them as genuine system instructions and refuse to further analyze the malware.

“macOS.Gaslight is noteworthy for its analyst-targeting prompt injection, an attempt to weaponize the LLM-assisted triage pipelines that increasingly sit in the reverse-engineering loop,” SentinelOne explains. “Anyone building such tooling should treat the contents of the samples they triage as adversarial input, never as instructions, and be prepared to keep hostile content out of the model entirely. As LLM-assisted analysis becomes routine, defenders should expect more samples built to exploit it.”

The researchers have published a full list of indicators of compromise on this link.

Via The Hacker News

Almost half of ransomware victims have data stolen before they can even detect an intrusion

  • ExtraHop’s Global Threat Landscape Report shows 49% of ransomware victims only detected attacks after data theft, up from 31% last year
  • Average dwell time before detection is 2.5 weeks; attackers exploit encrypted channels, valid accounts, and alert fatigue to evade defenses
  • Ransom payments fell from $3.6M to $2.8M, but payment frequency rose sharply, with 83% of surveyed victims paying in 2026 vs. 70% in 2025

Criminals are getting better at hiding within their victims’ infrastructure, lurking and stealing files without triggering any alarms whatsoever.

Earlier today, network detection and response experts ExtraHop released the “Global Threat Landscape Report”, based on a survey of more than 1,800 IT and security leaders worldwide. In it, it is said that roughly half (49%) of organizations that were struck by ransomware did not detect the threat until after the data was stolen.

This is up from 31% a year ago, ExtraHop stressed, showing the improvement criminals made within just 12 months.

Several factors

On average, cybercriminals have 2.5 weeks of quiet time before being spotted in ransomware incidents, the report stated. Furthermore, 14% of victims were unaware of an attack until receiving a ransom demand, which is also up from 6% a year ago.

“Prolonged dwell times often parallel a highly complex threat environment where critical alerts are obscured,” ExtraHop said in a press release shared with TechRadar Pro. The researchers uncovered several factors that led to delays in investigating critical alerts, including attackers using encrypted channels (41%), attacker activity mirroring legitimate workflows and processes (38%), using valid, high-privilege account permissions (34%), and alert fatigue (30%). Undermined baseline behavior also enabled anomalous actions to fly under the radar (27%).

The good news is that the average ransom payment dropped year-on-year, from $3.6 million down to $2.8 million. However, the bad news is that the payment frequency spiked. While in 2025 70% of respondents paid a ransom, this year 83% have done the same, at least among ExtraHop’s respondents.

When Chainalysis ran a similar survey recently, it said that in 2025 the number of successful ransomware attacks grew, while the number of payments remained relatively flat, meaning that in absolute numbers - there were fewer companies paying ransomware attackers.

Chinese cybersecurity company 360 unveils “China's version of Mythos”, and Yitianzhen, to automate cyber defense

  • At ISC.AI 2026, China’s 360 Security Technology unveiled “Yitian Tulong,” two AI models for vulnerability discovery and automated defense
  • Founder Zhou Hongyi described Tulongfeng as the “Chinese Mythos,” claiming it found 3,432 flaws, with 105 confirmed by the government
  • Zhou acknowledged a 20–30% capability gap vs. US models, but stressed building a professional attack‑and‑defense team over reliance on a single “genius hacker” approach

A Chinese cybersecurity company recently unveiled two Artificial Intelligence (AI) models, one of which is supposed to be the country’s answer to Anthropic's Mythos.

Mythos is an advanced AI model that can surface and exploit software vulnerabilities at scale and is currently only available to a couple dozen major US firms because it is allegedly too powerful (and thus dangerous) to be shared with everyone.

During the ISC.AI 2026 cybersecurity conference, which was held at the Beijing National Convention Center on June 24, 2026, Chinese cybersecurity company 360 Security Technology unveiled two tools collectively called “Yitian Tulong”, Reuters reports.

Taking a different approach

Yitial Tulong comprises two AI models: Tulongfeng, and Yitianzhen. According to founder Zhou Hongyi, the former is the “Chinese Mythos”, while the latter is a way to automate defense and incident response.

"This kind of powerful weapon that can change the landscape of cyber offence and defense cannot be held ⁠only by others," Zhou allegedly said during the presentation.

Claims about the capabilities of these models cannot be independently verified, and in the case of Yitian Tulong, will probably never be. The company said Tulongfeng found 3,432 software flaws, including 105 allegedly confirmed by the Chinese government.

Zhou also discussed taking a different approach compared to the US - a country which relies on “the strongest model, the strongest computing power, and the strongest chips”.

"Objectively speaking, domestic models still have a 20%-30% gap in base capability," Zhou said. "China cannot wait until model capabilities have fully caught up before starting ​vulnerability discovery, because we cannot afford to wait."

According to Zhou, 360 is building a “professional attack-and-defense team”, rather than “just” a single genius hacker: "If Mythos is a top-end chip, what we are building is a complete machine that can run stably, work 24 hours a day and make fewer mistakes," he said. "If the U.S. route is to cultivate a genius hacker, 360's route is to organise a professional attack-and-defense ⁠team."

Via Reuters

'27 million stolen login credentials have been recovered': Global coordinated takedown hits SocGholish, Amadey, and StealC malware networks where it hurt

  • EUROPOL’s Operation Endgame froze $47M in cryptocurrency and dismantled infrastructure for SocGholish, Amadey, and StealC malware
  • 326 servers, 142 domains, and 14,971 infected websites were taken down, disrupting distribution networks and recovering 27M credentials
  • No arrests were made; experts warn such disruptions often only temporarily halt criminal operations before infrastructure is rebuilt

Millions of dollars in cryptocurrency were frozen, and hundreds of servers taken down, in a sweeping operation by EUROPOL and multiple national law enforcement agencies against cybercriminals.

Over the last couple of weeks, EUROPOL ran Operation Endgame, together with law enforcement agencies from Canada, Denmark, Germany, the Netherlands, the United Kingdom, and the United States. Multiple private companies, including Microsoft, participated as well.

The goal was the dismantling of digital infrastructure used by three distinct hacking operations: SocGholish, Amadey, and StealC. These are known malware variants, granting attackers backdoor access, and stealing valuable secrets from compromised devices.

Shutting down servers and cleaning websites

SocGholish, for example, is a sophisticated JavaScript downloader and loader, linked to a Russian Malware-as-a-Service (MaaS) operation called Evil Corp.

During the operation, the police managed to identify and freeze $47 million in cryptocurrencies. It cannot access or retrieve these funds, but by freezing them, it effectively removed them from circulation. Around 27 million login credentials were also recovered as part of this operation.

Furthermore, law enforcement shut down 326 servers and 142 domains that were used to host and distribute the malware. This, EUROPOL says, “severely crippled” the malware’s distribution network: “By taking down these tools simultaneously, the collaboration between law enforcement and private parties has increased friction for cybercriminals, making it harder for attacks to succeed, spread, or recover.”

EUROPOL also said that by taking down SocGholish, 14,971 infected websites were “remediated”. These are legitimate sites, belonging to different businesses such as restaurants, auto repair shops, and others, but were compromised and used as launchpads for malware delivery.

Sadly, no arrests have been made, and EUROPOL did not say if key players of these groups were even identified. Usually, disruptions such as this one only momentarily stop malicious activities, which resume in a few weeks once the infrastructure is rebuilt.

Edge users beware — this malicious extension can break out of the sandbox and install ransomware

  • Zscaler uncovered “Edgecution,” a malicious Edge extension deployed via fake Outlook update sites shared in Teams phishing
  • Attack uses ZIP archives with Python runtime to escape browser sandbox, creating a backdoor capable of shell/PowerShell execution and system data theft
  • Believed linked to Initial Access Brokers tied to ransomware group Payout Kings, showing evolving sophistication in access‑for‑sale operations

If you are using the Edge browser be careful - there is a malicious campaign going round that uses the browser to deploy a backdoor via an extension.

According to security researchers Zscaler, scammers are reaching out to their victims via Microsoft Teams, pretending to be IT support. They claim the user needs to install an Outlook update, or a spam filter, and direct the victims to a fake “Outlook Updates Management Console” website.

There, the users are instructed to run one of the three provided processes, all of which download a ZIP archive that, when executed, creates a scheduled task. This task starts the Edge browser in headless mode (invisible to the user) and installs an extension officially called “Edge Monitoring Agent”. Zscaler, on the other hand, calls it “Edgecution”.

Creating a Native Messaging manifest

The ZIP archive also contains an embedded Python runtime and a Python-based backdoor. The runtime creates a Native Messaging manifest - a file that tells the browser how to communicate with the backdoor. That’s the way the threat actors managed to escape the browser’s sandbox and run the backdoor on the compromised computer itself.

That backdoor can do multiple things, from executing shell commands, to running PowerShell and arbitrary Python code. It can also write files on the host, enumerate running processes, and gather system information.

Zscaler believes this is the work of an Initial Access Broker (IAB), a malicious group whose only job is to obtain access to a victim’s infrastructure and then sell it - or share it with a partnering group. This particular IAB, the researchers believe, is connected to a ransomware operation called Payout Kings.

“The Edgecution browser extension illustrates the evolving sophistication of initial access brokers operating in the ransomware landscape,” Zscaler warns. “The reliance on a malicious browser extension to relay commands to a Python-based native host demonstrates a creative approach to evade traditional endpoint detection.”

A full list of Indicators of Compromise (IoC) can be found on this link.

Via BleepingComputer

Multiple malicious OpenClaw skills found online - including two macOS infostealers

  • Palo Alto Networks’ Unit 42 found five malicious “skills” on ClawHub, OpenClaw’s official marketplace, delivering infostealers and fraud
  • Threat actors bypassed VirusTotal/ClawScan checks with inflated file sizes and evasive techniques, showing persistent supply chain risk
  • All malicious skills were removed and accounts banned; researchers urge strict provenance validation and source code audits for published packages

ClawHub is the latest marketplace hackers are poisoning with malware, in an attempt to compromise software developers and other advanced users. Earlier this week, security researchers from Palo Alto Networks’ Unit 42 team disclosed finding, and reporting, five “skills” on that marketplace, that sought to infect their users with infostealer malware.

First a little context: OpenClaw (originally published as Clawd/Clawdbot) was released in November 2025. It is an open-source agent platform that performs actions on a computer, such as browsing the web, or managing files, instead of simply answering questions like a chatbot. To perform different actions, OpenClaw must first learn how to do them, which is done through “skills” - add-ons that extend the agent’s capabilities.

Soon after, ClawHub was born - the official marketplace and registry for OpenClaw skills and plugins, attracting not just the AI developer community, but cybercriminals, as well. Early reports, published in February this year, forced OpenClaw to integrate VirusTotal and ClawScan, to better protect the community and allow proactive screening of published skills.

Persistent and evasive malicious skills

However, Unit 42 says this didn’t stop threat actors, and that it has since discovered multiple “persistent and evasive malicious skills” on the platform.

In total, the researchers discovered five skills, including two that delivered the AMOS infostealer, one that came with an inflated file size to trick scanners, and two that were essentially commission fraud, abusing the fact that an AI agent can make decisions and perform actions on behalf of the user. Details on all five can be found on this link.

All five were since reported to ClawHub, and OpenClaw had them removed and the accounts behind them banned.

Unit 42 recommends organizations use a “rigorous supply chain verification framework” to remain secure: “We identified that skill execution occurs within the agent process. This necessitates active validation of publisher provenance and a line-by-line audit of package source files.”

'Deepfake as a service' sees 39% spike in dark web conversations — and experts fear it will fuel the next wave of “fake boss” scams

  • NordStellar found 924 dark‑web posts about deepfakes‑as‑a‑service (DFaaS) Jan–May 2026, up 39% year‑on‑year
  • Rising interest driven by generative AI advances, enabling hyper‑realistic “fake boss” scams and lowering barriers for attackers
  • Experts urge prevention through employee education and monitoring for leaked company data to reduce risk of targeted deepfake attacks

The interest in deepfakes-as-a-service (DFaaS) among criminals is growing, and the cybersecurity community is worried it might fuel the next wave of “fake boss” scams.

This is according to a new report from threat exposure management platform, NordStellar. Analyzing discussions on the dark web, the researchers found that between January and May this year, there were 924 posts about DFaaS, up 39% compared to the same period last year, when there were 663 similar posts.

“The rapid growth in popularity of deepfakes as a service is likely accelerated by advancements in generative AI, which help cybercriminals in two ways — by speeding up the creation of deepfakes and making them hyper-realistic,” says Vakaris Noreika, cybersecurity expert at NordStellar. “Ultimately, this service lowers the barrier to entry for deepfake technology, enabling threat actors to deploy highly deceptive attacks at a larger scale, regardless of their personal technical skill set.”

How to defend against convincing deepfake attacks?

Experts are worried the rising interest might result in more “fake boss” scams which, at that, would be even more difficult to spot. Business Email Compromise (BEC), a “fake boss” scam that primarily uses written emails, has for years been among the most lucrative tactics in the criminal underworld. According to the FBI, BEC was the second costliest tactic last year, with company losses exceeding $3 billion (up 11% compared to 2024).

Defending against highly convincing deepfake images and videos might not be easy, but it certainly isn’t impossible. Noreika suggests businesses should focus on prevention and employee education, since they cannot control whether crooks target them or not.

“The more details and access attackers obtain, the easier it is for them to craft highly realistic, targeted attacks,” says Noreika. “Monitoring the dark web for leaked company information is a critical step in preventing cybercriminals from finding credentials to breach accounts or data to use as intel.”

Vulnerabilities uncovered in secret US government systems and software during testing of Anthropic Mythos

  • Senator Mark Warner testified NSA confirmed Mythos Preview identified vulnerabilities in nearly all classified systems within hours during a controlled exercise
  • US officials clarified Mythos found flaws rapidly rather than exploiting them, but the capability still raises major concern
  • Anthropic withheld public release, sharing only with select firms; Mozilla and others validated its potency, with thousands of critical bugs uncovered in weeks

We now have another witness claiming Mythos Preview is able to break into protected systems fast and this one is none other than a high-ranking member of the US Government.

According to the Associated Press, Senator Mark Warner of Virginia testified in front of a congressional hearing this month, saying he was informed by National Security Agency (NSA) chief Joshua Rudd that Mythos “broke into almost all of our classified systems, not in weeks, but in hours.”

It’s worth mentioning here that the break-in was controlled, since it was part of an exercise done by the Anthropic team and the intelligence agency.

How powerful is Mythos?

The Associated Press dug deeper, and was informed by an unidentified US official that Mythos merely found vulnerabilities within hours, not necessarily exploited them. Still, identifying a vulnerability that theoretically can be exploited for attacks against protected US Government systems should be cause for concern on its own.

Mythos is an advanced AI model built by Anthropic, first introduced in early April this year. However, the company decided not to share it with the general public because it was apparently too capable of discovering and leveraging software vulnerabilities.

Instead, Anthropic shared it with a handful of major corporations, to help them secure their systems before cybercriminals can use the tool. Since then, multiple companies came forward to confirm Mythos’ potency, including Mozilla, which said the tool was “every bit as capable” as the world’s best security researchers.

Mozilla said that with the help of Mythos, it was able to ship more than 400 Firefox security bugs in April alone.

A month later, Anthropic said the 50 companies using the tool discovered more than 10,000 critical and high-level security vulnerabilities in roughly two months’ time.

“Several have told us that their rate of bug-finding has increased by more than a factor of ten,” the company said. “For instance, Cloudflare has found 2,000 bugs (400 of which are high- or critical-severity) across their critical-path systems, with a false positive rate that Cloudflare’s team considers better than human testers.”

Via Reuters

❌
❌