Uncategorized

Claude Mythos Has Found 271 Zero-Days in Firefox

That’s a lot. No, it’s an extraordinary number:

Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6, which led to fixes for 22 security-sensitive bugs in Firefox 148.

As part of our continued collaboration with Anthropic, we had the opportunity to apply an early version of Claude Mythos Preview to Firefox. This week’s release of Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation…

April 29, 2026

0 comment

What Anthropic’s Mythos Means for the Future of Cybersecurity

Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure that thousands of software developers working on those systems failed to find. This capability will have major security implications, compromising the devices and services we use every day. As a result, Anthropic is not releasing the model to the general public, but instead to a …

April 28, 2026

0 comment

Medieval Encrypted Letter Decoded

Sent by a Spanish diplomat. Apparently people have been working on it since it was rediscovered in 1860.

April 27, 2026

0 comment

Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)

Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS score of 9.8), in the Breeze Cache WordPress plugin, allowing them to upload files to a server without authentication. The vulnerability has already been used in […]

April 25, 2026

0 comment

Friday Squid Blogging: How Squid Survived Extinction Events

Science news:

Scientists have finally cracked a long-standing mystery about squid and cuttlefish evolution by analyzing newly sequenced genomes alongside global datasets. The research reveals that these bizarre, intelligent creatures likely originated deep in the ocean over 100 million years ago, surviving mass extinction events by retreating into oxygen-rich deep-sea refuges. For millions of years, their evolution barely changed—until a dramatic post-extinction boom sparked rapid diversification as they moved into new shallow-water habitats. …

April 25, 2026

0 comment

Hiding Bluetooth Trackers in Mail

It was used to track a Dutch naval ship:

Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch government website and mailed a postcard with a hidden tracker inside. Because of this, they were able to track the ship for about a day, watching it sail from Heraklion, Crete, before it turned towards Cyprus. While it only showed the location of that one vessel, knowing that it was part of a carrier strike group sailing in the Mediterranean could potentially put the entire fleet at risk…

April 24, 2026

0 comment

Checkmarx supply chain attack impacts Bitwarden npm distribution path

Bitwarden CLI was hit by the Checkmarx supply chain attack. Version 2026.4.0 shipped malicious code in bw1.js via a compromised GitHub Action. Bitwarden CLI has been compromised as part of the ongoing Checkmarx supply chain campaign, researchers warn. The affected version, @bitwarden/cli 2026.4.0, contained malicious code hidden in the bw1.js file. The breach likely stemmed […]

April 24, 2026

0 comment

FBI Extracts Deleted Signal Messages from iPhone Notification Database

404 Media reports (alternate site):

The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database….

The news shows how forensic extraction—when someone has physical access to a device and is able to run specialized software on it—can yield sensitive data derived from secure messaging apps in unexpected places. Signal already has a setting that blocks message content from displaying in push notifications; the case highlights why such a feature might be important for some users to turn on…

April 23, 2026

0 comment

Microsoft Graph API misused by new GoGra Linux malware for hidden communication

A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is linked to the Harvester cyberespionage group, which is […]

MCYSEKA-Maritime Cyber Security Knowledge Archive

Global Cyber Security Educational Info Links – real-time news aggregation

Claude Mythos Has Found 271 Zero-Days in Firefox

What Anthropic’s Mythos Means for the Future of Cybersecurity

Medieval Encrypted Letter Decoded

Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)

Friday Squid Blogging: How Squid Survived Extinction Events

Hiding Bluetooth Trackers in Mail

Checkmarx supply chain attack impacts Bitwarden npm distribution path

FBI Extracts Deleted Signal Messages from iPhone Notification Database

Microsoft Graph API misused by new GoGra Linux malware for hidden communication

ICE Uses Graphite Spyware