For you Ai Security Dev Cloud Hardware Startups Releases General

From SecurityWeek · 8 stories

9 sources 10 reports 4h ago Updated 3h ago

US Lifts Export Controls on Anthropic's AI Models Fable 5 and Mythos 5

The US government has lifted export restrictions on Anthropic's AI models, Claude Fable 5 and Mythos 5, after negotiations ensured certain safety protocols. The initial bans were due to security concerns linked to potential model misuse. This change restores access to Fable 5 globally and Mythos 5 to select US organizations, addressing previous concerns. The case showcases the evolving regulatory landscape for AI models.

ai anthropic cybersecurity mythos government
3 sources 3 reports 4h ago Updated 3h ago

FortiBleed Campaign Compromises Fortinet Devices, Linked to Ransomware Groups

The FortiBleed campaign has been connected to the INC and Lynx ransomware groups, compromising credentials from Fortinet devices. Researchers found the operation entailed scanning 11,250 FortiGate portals and compromised 354 targets, leading to 12 ransomware deployments. The breach highlights significant cybersecurity risks, affecting organizations globally.

security ransomware credential-theft fortinet fortibleed
3 sources 3 reports 4h ago Updated 3h ago

CISA Adds Actively Exploited Microsoft SharePoint RCE Vulnerability to KEV Catalog

CISA added CVE-2026-45659, a remote code execution vulnerability in Microsoft SharePoint, to its Known Exploited Vulnerabilities catalog due to active exploitation. The flaw, affecting SharePoint Server Subscription Edition, Server 2019, and Enterprise Server 2016, allows authenticated attackers to execute code without elevated privileges. Federal agencies are required to patch the issue by July 4, 2026.

security microsoft sharepoint vulnerability cisa
2 sources 3 reports 4h ago Updated 3h ago

Citrix Patches Six Critical NetScaler Vulnerabilities, Including HTTP/2 Bomb

Citrix released patches for six vulnerabilities in NetScaler ADC and Gateway, including a critical HTTP/2 Bomb exploit. These flaws, affecting versions 14.1 and 13.1, pose severe risks like denial-of-service attacks and data breaches. Organizations using these configurations should urgently update to protect against active threats.

security citrix netscaler vulnerabilities releases
2 sources 2 reports 4h ago

Cisco Acknowledges Exploitation of Unified CM Vulnerability CVE-2026-20230

Cisco has confirmed active exploitation of a critical vulnerability (CVE-2026-20230) in its Unified Communications Manager (Unified CM). This flaw, found in systems with the WebDialer service enabled, allows attackers to execute server-side request forgery attacks and potentially gain root access. Cisco urges users to upgrade to patched versions immediately.

security cisco exploits vulnerability unified_cm
2 sources 2 reports 4h ago Updated 3h ago

LayerX Reveals AI Browser Vulnerability Exploited by 'BioShocking' Attack

Security firm LayerX has discovered a vulnerability in AI-driven browsers, known as the 'BioShocking' attack, where browsers can be tricked into leaking user credentials. The attack uses game-like puzzle contexts to manipulate AI agents into bypassing security protocols, potentially exposing sensitive data. This discovery raises concerns about the security of AI-assisted browsing applications.

security ai browser credentials
2 sources 2 reports 4h ago Updated 3h ago

Adobe Releases Patches for Critical ColdFusion and Campaign Classic Vulnerabilities

Adobe issued critical security updates for ColdFusion and Campaign Classic, addressing several maximum-severity vulnerabilities with CVSS scores of 10.0. These flaws could allow arbitrary code execution, impacting system security and necessitating prompt user action to apply updates.

security adobe vulnerabilities coldfusion patches
1 source 1 report 4h ago

Microsoft Introduces Controls to Block Unauthorized AI Bots in Teams Meetings

Microsoft has launched a new Teams admin policy to control external bots joining meetings. By requiring organizer confirmation for bots, the company aims to enhance security and privacy during sensitive discussions.

cloud microsoft teams bots security