Scoop: NSA using Anthropic's Mythos despite blacklist The government's cybersecurity needs are outweighing the Pentagon's feud with Anthropic.

scoop w/ @mccuri.bsky.social: The NSA has been using Anthropic's Mythos despite the Pentagon's instance that Anthropic is a "supply chain risk," according to two people.

The NSA was one of the 40+ orgs that got initial access to the model weeks ago, one source added.

www.axios.com/2026/04/19/n...

New Footage Shows Wanted Kinahan Cartel Kingpins Post-Sanctions - bellingcat Daniel and Christy Kinahan have been photographed in Dubai, marking the most recent sighting of the wanted crime bosses since the US levied sanctions against the cartel.

Breaking: Kinahan cartel leader Daniel Kinahan has been arrested in Dubai. It follows a Bellingcat investigation last month that traced him to an MMA event in Dubai - providing the first proof that the cartel's leadership was still in hiding in the UAE. www.bellingcat.com/news/2026/03...

The New York Times is now blocking The Wayback Machine from accessing its articles.

That means you'll no longer be able to view archived versions of NYT stories published in 2026 and beyond on archive.org.

(All those posts you see tracking changes to NYT headlines and ledes? They relied on WBM).

Far-right troll account followed by JD Vance on X unmasked “HowlingMutant,” who jokes about rape and the Holocaust, is Alexander Norden of New York City

NEW: We’ve identified the man who runs the far-right troll account on X “HowlingMutant,” whose jokes about rape and the Holocaust have earned him nearly 200,000 followers, which include Vice President JD Vance. His name is Alexander Norden, from Rockaway Park in New York City.

sometimes you gotta trawl through thousands of noxious posts to find the random nugget of gold that cracks open your investigation; here's the 4-star review that betrayed him www.goodreads.com/review/show/...

LABScon - Security Research in Real Time | LABScon Join us September 16-19th for LABScon, an intimate, invite-only event for the top cybersecurity minds to gather, share cutting-edge research.

infosec folks: the labscon CFP is open.

I went last year for the first time - and it's spendy (unless you're a speaker) but it's been one of the most impactful events of my career in multiple ways.

highly recommend you submit, highly recommend you attend regardless.

www.labscon.io

Full text of order here fingfx.thomsonreuters.com/gfx/legaldoc...

AI ruling prompts warnings from US lawyers: Your chats could be used against you As people increasingly turn to artificial intelligence for advice, some U.S. lawyers are telling their clients not to treat AI chatbots like trusted confidants when their freedom or legal liability is...

Chatbots are not attorneys and chats are not privileged, so attorney-client privilege does not apply to chatbots, acc to a federal judge's ruling last month www.reuters.com/legal/govern...

The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought An analysis by WIRED and Indicator found nearly 90 schools and 600 students around the world impacted by AI-generated deepfake nude images—and the problem shows no signs of going away.

NEW: Teenage boys are pulling classmates' photos off Insta and running them through cheap nudify apps and the fallout has now hit nearly 90 schools across 28 countries with 600+ known victims since 2023, per a WIRED/Indicator analysis.

UNICEF estimates 1.2M children were targeted last year alone.

Airbnb Hosts Don't Want to Talk to Guests Anymore, Are Outsourcing Messages to AI An entire industry of companies offers Airbnb hosts AI to speak to guests on their behalf. 404 Media poked around the industry after one AI tool offered a guest a recipe for French toast.

New: an entire industry now exists for Airbnb hosts to use AI to speak to their guests. I looked into it when one guest tricked the AI into providing a French toast recipe. I found companies that analyze guest message sentiment. Guests not pleased, obviously
www.404media.co/airbnb-hosts...

108 Chrome Extensions Linked to Data Exfiltration and Sessio... Campaign of 108 extensions harvests identities, steals sessions, and adds backdoors to browsers, all tied to the same C2 infrastructure.

Socket Security has discovered a cluster of 108 malicious Chrome extensions that steal and send user credentials to the same command-and-control server.

The extensions were published through five developer accounts and are still live on the official Chrome Web Store.

socket.dev/blog/108-chr...

US intelligence agencies' embrace of generative AI is at once wary and urgent U.S. intelligence agencies are scrambling to embrace the AI revolution, believing they’ll otherwise be smothered by an avalanche of data as surveillance tech further blankets the planet.

AI for analysis is not a new priority in the IC. In 2024, AP reported that “thousands of analysts across the 18 U.S. intelligence agencies now use a CIA-developed gen AI called Osiris” apnews.com/article/us-i...

Update on how CIA is using AI from agency’s deputy director, including “AI co-workers built into all of the agency’s analytic platforms” within next 2 years www.politico.com/news/2026/04...

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab One of the most notorious providers of abuse-friendly "bulletproof" web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Ka...

ShinyHunters most recent clearnet domain (breachforums.sb) seems to be down, and they're now linking directly to an IP address (91.215.85.22), which seems to be operated by Prospero OOO in Russia.

I have questions. krebsonsecurity.com/2025/02/noto...

NEW REPORT: “Uncovering Webloc: An Analysis of Penlink’s Ad-based Geolocation Surveillance Tech”

Our research confirms that ad-based surveillance tech Webloc is used by military, intelligence, and law enforcement agencies across the globe.

citizenlab.ca/research/ana...

Bellingcat is pleased to announce our work has received six Emmy award nominations. The winners will be announced in May. Here's a short thread on the work that we're proud to say has been highlighted 🧵

Would be interested in hearing your favorites!

Anthropic writes that developments in frontier models will require “ground-up reimagining of computer security as a field”

“Ultimately, it’s about to become very difficult for the security community”

Here’s another post w/ more details on some of the vulnerabilities that have already been patched + how Mythos Preview found exploits red.anthropic.com/2026/mythos-...

As part of Project Glasswing, the launch partners listed above will use Mythos Preview as part of their defensive security work; Anthropic will share what we learn so the whole industry can benefit. We have also extended access to a group of over 40 additional organizations that build or maintain critical software infrastructure so they can use the model to scan and secure both first-party and open-source systems. Anthropic is committing up to $100M in usage credits for Mythos Preview across these efforts, as well as $4M in direct donations to open-source security organizations.

Anthropic says it's only releasing its new model to cyber-defenders because it has already found zero-day exploits in every major operating system www.anthropic.com/glasswing

Members of neo-Nazi ‘active clubs’ join combat events at secretive Virginia compound Licensed school teacher and one-time police officer among those participating in riot-style gatherings as experts warn of threat to public safety

The first responders, school teacher, and business owner who were identified as fighters in a neo-Nazi fight event, refused to talk, then deleted their social media, will also claim being identified as a neo-Nazi doesn't matter anymore.

www.theguardian.com/us-news/ng-i...

The most surprising detail for me was this copy error

Russian espionage group APT28 compromised MikroTik and TP-Link routers to redirect traffic for certain authentication operations to AitM phishing kits

This botnet was taken down today by the FBI, DOJ, Lumen, and Microsoft

www.lumen.com/blog-and-new...

Russian government hackers broke into thousands of home routers to steal passwords | TechCrunch Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication tokens in a wide-ranging espionage operation.

NEW: Russian government hackers Fancy Bear used thousands of hacked routers to steal passwords and credentials from espionage targets.

Microsoft identified over 200 organizations and 5,000 consumer devices affected in the campaign. Lumen says there are at least 18,000 victims in ~120 countries.

Other tools/techniques used:

*Email address —> Google reviews
*Geolocation
*Crowdsourced phone contacts

Breach data helps crack another case

Unmasking the anonymous hosts of ‘Russians with Attitude,’ a pro-war podcast popular with US far-right Launched in 2020, "Russians with Attitude" ("RWA"), a podcast and social media project, has built a following among English-speaking right-wing audiences, predominantly in the United States. The proje...

The Kyiv Independent has unmasked the anonymous creators of the “Russians With Attitude” podcast. They are two ultranationalist Russian bloggers — one of whom has lived most of his life in Germany — who once openly fundraised for the Russian soldiers invading Ukraine.

When Satellite Imagery Goes Dark: New Tool Shows Damage in Iran and the Gulf - bellingcat Bellingcat is introducing an updated damage assessment tool — called the Iran Conflict Damage Proxy Map — focused on destruction in Iran and the Gulf .

With widespread internet blackouts in Iran and new restrictions on certain satellite imagery of the region at the request of the US government, Bellingcat is launching a tool to help estimate the damage in Iran and the wider Gulf region. www.bellingcat.com/resources/20...

“Every state in the West is expected to face an above-normal threat of wildfire this summer” laist.com/news/climate...

🫠