The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees.
The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance.
Access to all other Claude models is not affected.
We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible.
Read our full statement: https://t.co/bwn0sximKZ
🔥🚨BREAKING: This job interviewer exposed a North Korean hacker who was applying for a job as an IT worker by asking him to simply say “Kim Jong-un is a fat ugly pig.”The candidate hesitated, and looked at the camera in daze as he remained silent refusing to say this simple sentence.
The process is simple: “Ask the suspected impostor to insult the country’s dictator Kim Jong Un, given that insulting him is illegal in the country and can result in harsh punishments. While this is a well-known strategy, we rarely see real-life examples of it working in real time.”
This clip truly epitomizes the age of Instagram stupidity, where the urge to record stuff is now powerful enough to override instincts programmed into humans since the dawn of time.
Hunting tips✨
Hunting malware leveraging telegram bots for C2 on VirusTotal:
Step 1: Go to https://t.co/Aps9I0Llu8
Step 2: Navigate to the Relations tab and open the "Communicating Files" section.
Step 3: Review the details of the samples listed there, then go to the "Relations" tab again and look for telegram bot network requests under "Contacted URLs".
Step 4: Enter the bot token and chat ID, then access the malware logs.
happy hunting!
Just discovered the @SEAL_911 team has written an incredibly indepth bible on opsec and best security practices.
Covers all aspects of web3 security & hacks for individual use and corporations
View here: https://t.co/AqV3NE1QRS
CISOs now face a new class of AI risks. The OWASP Top 10 for LLM Apps outlines the threats and how to prepare.
Explore this @PaloAltoNtwks interactive guide with mitigation suggestions:
https://t.co/JAVCaf7nXq
We're very happy to help the @FBI with processing another 630M passwords recently seized from a suspect. This includes 46M we'd never seen before, which are now all in @haveibeenpwned's Pwned Passwords, where they're queried 18 *billion* times a month: https://t.co/34qt5bK1j6
MITRE has released the 2025 CWE Top 25 most dangerous software vulnerabilities list, which includes three new buffer overflow weaknesses. https://t.co/OZ7GnLDCwU
A new malware called Maverick is spreading through WhatsApp Web.
It can copy your Chrome data to skip QR logins, turn off Defender, and message your contacts from your account.
Full story ↓ https://t.co/IN5oZi8snJ
‼️ China's largest cybersecurity firm, Knownsec, was breached, exposing details of China's state cyber operations.
The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India.
A spreadsheet lists 80 hacked foreign organizations, plus evidence of 95 GB of stolen Indian immigration data and 3 TB of call records from South Korean mobile operator LG U Plus.
One of the documents mention a malicious power bank, disguised as a charging device.
Knownsec is key to China's cybersecurity, providing advanced defense and offensive capabilities, including espionage tools.
A thread with their tools 🧵
🚨 Android 0-Click Vulnerability in System Component Allows Remote Code Execution Attacks
Read more: https://t.co/qLamtcQ6Ft
Google has issued a critical security alert for Android devices, highlighting a severe zero-click vulnerability in the system's core components that could allow attackers to execute malicious code remotely without any user interaction.
The primary concern revolves around CVE-2025-48593, a remote code execution (RCE) bug discovered in the System component.
This vulnerability requires no additional privileges or user engagement, making it particularly dangerous.
Attackers could potentially exploit it via crafted network packets or malicious apps distributed through sideloads or third-party stores.
#cybersecuritynews
Check Point's @Tera0017 analyses the YouTube Ghost Network, a collection of malicious accounts that take advantage of YouTube’s features to distribute infostealers like Lumma, Rhadamanthys, StealC, RedLine, 0debug & other Phemedrone variants. https://t.co/Kdx0MVuN7v