The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic | flyingpenguin I’ve been getting more and more curious about the risk from Anthropic’s Claude Mythos Preview. So I pulled the system card, a whoppingly inefficient 244-page document that devotes just seven pages to…

The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic

www.flyingpenguin.com/the-boy-that... #cybersecurity #appsec #AI

Commission advances cloud sovereignty through strategic procurement This April, the European Commission awarded its Sovereign Cloud call for tender through which the EU institutions, bodies, offices and agencies (Union entities) will be able to procure sovereign…

"The European Commission awarded four [Sovereign #Cloud] contracts to ensure diversification and #resilience, avoiding potential lock-in by a single provider."

commission.europa.eu/news-and-med... #sovereignty

The “#AI Vulnerability Storm”: Building a “Mythos-ready” Security Program

labs.cloudsecurityalliance.org/research/ai-... #cybersecurity

"Aided by these [#AI coding] tools, tech workers are producing so much code so quickly that it has become too much to handle. With anyone able to spin up software ideas in a matter of hours, companies are trying to figure out how to deal with the glut."

www.nytimes.com/2026/04/06/t...

CISO MindMap 2026: What do InfoSec Professionals Really Do? The job of a Chief Information Security Officer (CISO) is complex. Many individuals outside the realm of cybersecurity often underestimate the intricacies involved in a security professional’s role.…

CISO MindMap 2026: What do #InfoSec Professionals Really Do?

Great map, although in my view it says more about the kinds of security tasks an organization may have than about #CISO responsibilities specifically.

rafeeqrehman.com/2026/04/11/c... #cybersecurity

"From the Baltic Sea to the Pacific Ocean, a global scramble is under way to protect submarine cables vulnerable to potential sabotage. The efforts underscore the challenge: There is no foolproof way to defend submarine cables."

www.wsj.com/tech/inside-...

Kremlin Hotline: How Hungary Coordinates With Russia Blocking Ukraine From the EU - VSquare.org Péter Szijjártó offered Sergey Lavrov to send EU documents through the Hungarian Embassy in Moscow. Leaked audio reveals a strikingly deferential, submissive attitude from Szijjártó toward Lavrov.

vsquare.org/kremlin-hotl... 😠

"In a truly optimistic future, we can imagine a self-healing network. AI agents continuously scan the ever-evolving corpus of commercial and custom AI-generated software for vulnerabilities, and automatically patch them on discovery."

www.schneier.com/blog/archive... #cybersecurity

LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions Every time you open LinkedIn in a Chrome-based browser, hidden JavaScript silently scans your computer for installed software without your knowledge, without your consent, and without a single word…

"Every time you open LinkedIn in a Chrome-based browser, hidden JavaScript silently scans your computer for installed software without your knowledge, without your consent, and without a single word in LinkedIn’s privacy policy."

cybersecuritynews.com/linkedin-cod... #privacy

Anthropic limits Mythos AI rollout over fears hackers could use model for cyberattacks Microsoft, Amazon, Apple, CrowdStrike, Palo Alto Networks and others will use the model as part of a new cybersecurity initiative called Project Glasswing.

"Anthropic announced Claude Mythos Preview, which it said is an advanced #AI model that excels at identifying weaknesses and security flaws within software."

www.cnbc.com/2026/04/07/a... #cybersecurity

How many products does Microsoft have named ‘Copilot’? I mapped every one Update: Since this was published, the lovely internet community has let me know we were missing two Copilots: Gaming Copilot and Microsoft Dragon Copilot (🤦‍♀️). This brings the total to 80. The…

How many Microsoft Copilot tools you know?

teybannerman.com/strategy/202...

Inside the memos behind OpenAI's safety retreat A New Yorker investigation on OpenAI reveals new details around how is safety commitments have eroded over the years.

"A New Yorker investigation on OpenAI, based on hundreds of pages of previously undisclosed internal documents, builds the case that the company systematically abandoned its safety-first founding mission as it scaled up"

www.techbrew.com/stories/open... #AI

"From Europe to the Middle East, geopolitical conflicts have companies rereading the fine print on #insurance policies that deny coverage for wartime cyberattacks."

www.wsj.com/pro/cybersec... #cybersecurity

Don't glamorize cybercrims, roast them instead interview: True-crime tales of criminals making fools of themselves

"Everybody's glorifying threat actors, and that's not helping our customers or organizations. These are just individuals, they just use computers, and they just want to steal your data and make money. They're not mythical. They don't have superpowers."

www.theregister.com/2026/04/05/t...

"College senior Benjamin Brundage helped uncover the #Kimwolf botnet, which exploited a vulnerability in Ipidea’s software to launch over 26,000 cyberattacks."

www.wsj.com/tech/kimwolf...

European Commission cloud breach: a supply-chain compromise European Commission cloud breach: a supply-chain compromise

"CERT-EU is publishing this blog post to inform the wider community about a #cybersecurity incident affecting the European Commission’s public website platform hosted on Amazon Web Services (AWS) #cloud infrastructure."

cert.europa.eu/blog/europea... #breach

SANS 2026 #Cybersecurity Workforce Research Report:

"#AI is influencing how teams are structured - primarily through efficiency, not headcount reduction."

There Is No Antimemetics Division ( @qntm.org ): "When he is finished he closes the book and look at its front cover again. He feels a little better. He doesn't remember a word of what he just read." #book #quote

Security leaders say the next two years are going to be 'insane' Top security experts warn AI is discovering vulnerabilities exponentially faster than defenders can respond, creating a "perfect storm" for attackers over the next two years.

"#AI has made vulnerability discovery almost trivial, while remediation takes time and effort, creating a widening gap that favors attackers across every stage of the kill chain."

cyberscoop.com/ai-cyberatta... #cybersecurity

The Real Risk of Vibecoding Is vibecoding hurting your projects? Discover the hidden dangers behind this trend and how it can lead to unstable code, poor performance, and costly fixes.

"One of the biggest risks in vibe coding isn’t that nobody owns the code, it’s that ownership becomes fragmented."

www.trendmicro.com/en_us/resear... #appsec #cybersecurity #infosec

Quantum computers need vastly fewer resources than thought to break vital encryption No, the sky isn't falling, but Q Day is coming, and it won't be as expensive as thought.

"Building a utility-scale #quantum computer that can crack one of the most vital cryptosystems - elliptic curves - doesn’t require nearly the resources anticipated just a year or two ago." #PQC #cybersecurity #cryptography

arstechnica.com/security/202...

Claude Code's source code appears to have leaked: here's what we know The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a high-agency, reliable, and commercially viable AI agent.

"Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude Code, to the public."

venturebeat.com/technology/c...

This Is How Trump Is Already Threatening the Midterms WIRED surveyed the ways the Trump administration is working to manipulate this year’s midterm elections.

"Trump and his allies are quite openly engaged in a concerted and widespread effort to undermine trust in elections and, seemingly, to lay the foundations for baseless claims of rigged midterm elections in November."

www.wired.com/story/this-i...

I Decompiled the White House's New App The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes, and loads JavaScript from some guy's GitHub Pages.

"The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes, and loads JavaScript from some guy's GitHub Pages."

blog.thereallo.dev/blog/decompi... #security #privacy

Tekoäly ja osaaminen - Opetus- ja kulttuuriministeriö Valitse kieli:

"Kansalaisten tekoälyosaamisen viitekehys on jäsennelty rakenne, joka määrittelee, kuvaa ja luokittelee tekoälyn käyttämiseen liittyvää osaamista, taitoja ja tietoja."

okm.fi/tekoaly-ja-o... #AI

Two Ukrainian drones crash in southeastern Finland, air force confirms "Drones have strayed into Finnish territory. We take this very seriously," Defence Minister Antti Häkkänen (NCP) said.

"On Sunday morning, several small, slow-moving devices were detected flying at low altitude in Finnish airspace at sea and in southeastern parts of the country. The Air Force has confirmed that the #drones were Ukrainian"

yle.fi/a/74-20217941

Horros (Helena Immonen): "Senkin oli vaari hänelle opettanut: omat ongelmat piti itse ratkaista. Etenkin itse aiheutetut." #book #quote

What if Your AI Assistant Just Handed Over the Keys and Nobody Noticed? – Finnish AI Region AI agents are no longer just answering machines. They’re sending emails, executing code, managing files, and operating around the clock. A new red-teaming study suggests that the gap between what…

"The difference between a conversational #AI and an agentic one is the difference between a wrong answer and a wrong action."

www.fairedih.fi/en/2026/03/2...

Cyber Pulse: An AI Security Report | Security Insider With the rise in AI agent adoption, now is the time to implement observability, governance, and security. Read the Cyber Pulse report for expert insights.

"#AI agents are scaling faster than some companies can see them and that visibility gap is a business risk. Organizations urgently need effective governance and security to safely adopt agents, promote innovation, and reduce risk."

www.microsoft.com/en-us/securi... #cybersecurity

Why Has the US Banned Foreign-Made Routers? The FCC just banned the sale of new consumer-grade Wi-Fi routers manufactured outside the US. Here’s what it means for you.

"The FCC just banned the sale of new consumer-grade Wi-Fi routers manufactured outside the US. The only routers I know of that are manufactured in the US are some Starlink Wi-Fi routers."

www.wired.com/story/us-gov...