CQ

The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: https://t.co/bwn0sximKZ

‼️🚨 Yet another Meta fuck-up: its account recovery function allows unauthenticated access to full account PII, including emails and phone numbers, from just a username. We verified the claim and found social media and wine-app accounts belonging to several public figures. We'll start with footballer Kylian Mbappé, who has a hidden TikTok account.

‼️🚨 Malicious actors can now use your SSD's activity, just by getting you to open their website, to spy on which other sites you're browsing and which apps you're running. The attack, called FROST, is accurate: 88.95% on identifying websites, 95.83% on identifying applications. It works on macOS and Linux, across browsers, and runs entirely in JavaScript. The browser makers were told, and largely shrugged. Chromium says fingerprinting isn't a security bug. Apple called it out of scope. Mozilla acknowledged it and shipped nothing. Researchers at Graz University of Technology developed the attack. It abuses the Origin Private File System, a browser feature that lets sites store files on your disk without asking. The attack creates one huge file, then constantly times how fast it can read from it. When you open another tab or launch an app, that activity competes for the same SSD, and the tiny changes in read speed leak what you're doing. A trained neural network turns those timing patterns into guesses about which site or app it is.