As discussions on the implications of new AI models for cybersecurity continue, Mozilla recently announced its successful usage of Anthropic’s Mythos Preview to identify and resolve 271 vulnerabilities in the latest Firefox 150 release. In a parallel development, researchers uncovered a group of North Korean hackers leveraging AI to create everything from malware to phony company websites, resulting in losses of up to $12 million in three months.
In a significant uncovering, researchers managed to decode the Fast16 malware, which dates back to before the infamous Stuxnet incident, and is believed to have been utilized against Iran’s nuclear efforts. Created back in 2005, it is thought to have been orchestrated by the United States or an allied nation.
In other news, the Consumer Federation of America has initiated a lawsuit against Meta for scam advertisements appearing on Facebook and Instagram, alleging the company misled users regarding its preventive measures against such scams. Additionally, a US surveillance program allowing the FBI to access American communications without a warrant is facing renewal debates among lawmakers, who remain divided on the issue. A new bill aimed at addressing these concerns appears to fall short of providing substantial solutions.
WIRED also explored the ongoing feud within the realm of mobile security surrounding GrapheneOS, a well-regarded privacy tool, alongside an odd account of China’s surveillance on US figure skater Alysa Liu and her father.
In a notable security breach, a group of users on Discord was able to gain unauthorized access to Anthropic’s Mythos AI tool. This access was achieved through basic investigative efforts, tied to a prior compromise of Mercor, an AI training startup. Though they obtained access to Mythos and other unreleased models, the group has reportedly opted to use it primarily for innocuous website-building instead of malicious actions.
Moreover, reports have emerged that surveillance companies are exploiting vulnerabilities in global telecom protocols, particularly SS7, to monitor phone locations, raising alarms about the security of these communications frameworks. In a related action, two alleged managers of scam centers in Southeast Asia have been charged for operating a human-trafficking-related scam in Myanmar, luring victims with false job opportunities.
In a concerning privacy breach, it was revealed that health records of over 500,000 UK citizens were found for sale on Alibaba, leading to the suspension of several accounts linked to the organization that mishandled the data.
Lastly, Apple has patched a critical bug that allowed the FBI to retrieve deleted message notifications from Signal, highlighting ongoing vulnerabilities related to digital communications. Users are encouraged to adjust their notification settings to enhance privacy even further.
For more details, please refer to the following links:
