
BlueHammer Microsoft Defender Vulnerability Linked to Ransomware Attacks After CISA Confirms Active Exploitation

 

Microsoft Defender users are advised to update their software after a security flaw known as BlueHammer was found to have been used in ransomware attacks. The flaw, tracked as CVE-2026-33825, has been added to the list of vulnerabilities actively exploited by malicious actors. It is part of a growing trend of ransomware attackers using zero-day flaws.

The issue came to light after a cybersecurity researcher known as Chaotic Eclipse or Nightmare Eclipse shared information about another vulnerability before the update was released. The same individual has criticized Microsoft several times over its approach to vulnerability disclosure. The researcher has published multiple posts about actively exploited flaws before the official date of their resolution.

Microsoft published details about BlueHammer on April 2nd, and the security update was released on April 14th. The flaw was categorized as a privilege escalation vulnerability that allows an authenticated attacker to escalate privileges. However, Microsoft updated the description, specifying the risk as more likely than not, while refraining from officially acknowledging active exploitation.

According to independent security researchers, ransomware operators were exploiting the vulnerability before the security update was released. The evidence came from a report by the Huntress team, which discovered multiple attacks that used CVE-2026-33825 as a zero-day exploit. This prompted the addition of the flaw to CISA's Known Exploited Vulnerabilities (KEV) list on April 22nd, with the updated listing providing the additional context of ransomware attacks.

Despite confirming ransomware attacks, the CISA listing does not indicate which group may be responsible for them. There is no public evidence linking BlueHammer to any known ransomware group or family, even though the flaw has been actively used in ransomware operations. It is also unclear whether other ransomware groups have used it or may be using it currently. The issue has prompted debate over how such incidents are handled, with critics pointing out that defenders and security researchers are not notified when vulnerabilities are taken up in ransomware operations.

In practice, CISA only updates the KEV list periodically. It does not provide threat intelligence or response support to individual organizations each time a vulnerability is added to the list. Some security experts have said that a better alternative would be to notify defenders directly. In the meantime, the threat intelligence company GreyNoise has announced a free service that monitors the KEV list for changes and indicates when an entry is updated to include details of a ransomware attack.
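The kind of change tracking described above can be reproduced locally by comparing two saved copies of the KEV catalog. The following is an added example, not part of the original article and not GreyNoise's service; the two snapshots, the placeholder CVE IDs, the vendor names and the watch list are constructed, and only the feed's `vulnerabilities`, `cveID`, `vendorProject`, `product` and `knownRansomwareCampaignUse` fields are relied on.

```python
import json

RANSOMWARE_FIELD = "knownRansomwareCampaignUse"  # "Known" or "Unknown" in the KEV feed

# Constructed snapshots in the shape of the KEV JSON feed (not real catalog history).
OLD_SNAPSHOT = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "vendorProject": "ExampleCorp", "product": "ExampleServer",
   "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0002", "vendorProject": "ExampleCorp", "product": "ExampleGateway",
   "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0003", "vendorProject": "OtherVendor", "product": "OtherTool",
   "knownRansomwareCampaignUse": "Unknown"}
]}
""")

NEW_SNAPSHOT = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "vendorProject": "ExampleCorp", "product": "ExampleServer",
   "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0002", "vendorProject": "ExampleCorp", "product": "ExampleGateway",
   "knownRansomwareCampaignUse": "Known"},
  {"cveID": "CVE-2026-33825", "vendorProject": "Microsoft", "product": "Defender",
   "knownRansomwareCampaignUse": "Known"}
]}
""")


def index_by_cve(catalog):
    """Map cveID -> entry for one catalog snapshot."""
    return {v["cveID"]: v for v in catalog.get("vulnerabilities", [])}


def diff_kev(old, new):
    """Return entries added, removed, or newly marked as used in ransomware."""
    old_idx, new_idx = index_by_cve(old), index_by_cve(new)
    added, flipped = [], []
    for cve, entry in sorted(new_idx.items()):
        now = entry.get(RANSOMWARE_FIELD, "Unknown")
        if cve not in old_idx:
            added.append((cve, now))
            continue
        before = old_idx[cve].get(RANSOMWARE_FIELD, "Unknown")
        # An existing entry silently changing to "Known" is the update
        # that a one-time review of the catalog would miss.
        if before != "Known" and now == "Known":
            flipped.append(cve)
    removed = sorted(set(old_idx) - set(new_idx))
    return {"added": added, "ransomware_flipped": flipped, "removed": removed}


def build_alerts(old, new, watched_vendors):
    """Turn the diff into alert lines for vendors present in the local inventory."""
    diff = diff_kev(old, new)
    new_idx = index_by_cve(new)
    watched = {v.lower() for v in watched_vendors}
    alerts = []
    for cve, flag in diff["added"]:
        entry = new_idx[cve]
        if entry.get("vendorProject", "").lower() in watched:
            level = "URGENT" if flag == "Known" else "REVIEW"
            alerts.append(f"{level} {cve} added to KEV ({entry.get('product', '?')}), "
                          f"ransomware use: {flag}")
    for cve in diff["ransomware_flipped"]:
        entry = new_idx[cve]
        if entry.get("vendorProject", "").lower() in watched:
            alerts.append(f"URGENT {cve} now marked as used in ransomware campaigns "
                          f"({entry.get('product', '?')})")
    return alerts


if __name__ == "__main__":
    for line in build_alerts(OLD_SNAPSHOT, NEW_SNAPSHOT, ["Microsoft", "ExampleCorp"]):
        print(line)
```

In production the two snapshots would be consecutive downloads of the catalog stored on disk, and the watch list would come from the asset inventory.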

BlueHammer illustrates how quickly ransomware attackers can adopt newly discovered vulnerabilities and incorporate them into their operations. Experts advise defenders to remain alert, apply Microsoft security updates in a timely manner and monitor threat intelligence channels for relevant vulnerabilities. Ransomware operators continue to pursue such opportunities, which makes a prompt response to updates crucial.

Remote Exploits Target Controller Flaws in Highway Signs and Digital Billboards


 

As digital display infrastructure becomes more tightly integrated into transportation networks and public information systems, vulnerabilities in the controllers that operate these assets pose a growing cybersecurity threat.

A number of Daktronics display controllers have been reported to contain critical and high-severity vulnerabilities that could allow unauthorized remote access to the content appearing on the highway message boards, roadside signs, and digital billboards. 

According to an independent cybersecurity researcher who identified the security flaws and subsequently published an advisory, the flaws affect controller models that are widely deployed to manage large-scale LED display systems on highways and in airports, sports stadiums, and urban advertising networks.

The vulnerabilities identified in these display technologies illustrate how such flaws can affect more than the security of the system itself, creating tangible risk to public communications, infrastructure integrity, and the reliability of information delivered via connected electronic signage.

According to the latest advisory issued by CISA under ICSA-26-176-04, the Daktronics VFC-DMP-5000, DMP-5000, and DMP-8000 display controllers are affected. A total of nine vulnerabilities have been disclosed which expose weaknesses across directory access, file management, and administrative authentication. One of the vulnerabilities, CVE-2026-28701, allows both authenticated and unauthenticated remote users to enumerate arbitrary paths on the file system irrespective of their identity. Secondly, CVE-2026-33560 pertains to the DMP-5000 file service, where authenticated users can upload files of any type without being validated, enabling the deployment of unauthorized content. CVE-2026-31928 relates to a default administrative web account that is configured with weak authentication controls and does not require password modification during deployment, which allows attackers to gain full control of the system if left unchanged. 

Security researcher Thomas Jou, an undergraduate at Princeton University, discovered the vulnerabilities after finding a number of internet-facing controllers with the potential to be remotely targeted. Jou reportedly submitted his findings via CISA's VINCE vulnerability reporting platform in early January 2026, which enabled Daktronics to prepare patched firmware by early March, prior to the release of a public advisory.

Despite the availability of updated firmware, the researcher stressed that organizations must ensure affected controllers are not exposed directly to the public internet, as patching alone does not eliminate unnecessary attack surfaces. In addition to the mitigation guidance provided by Daktronics, customers are encouraged to change default administrative credentials. 

The disclosure follows several security incidents involving publicly accessible infrastructure and digital platforms. In June, a FIFA World Cup API authorization flaw exposed live television broadcasts to an account takeover. A cPanel vulnerability affecting over 550,000 servers was exploited last month, and airport public address systems across Canada and the United States were compromised last year, during which unauthorized political and anti-Israel messages were broadcast.

These incidents show how overlooked vulnerabilities in internet-connected communication and operational systems can rapidly develop into high-impact disruptions with public consequences if not addressed. As connected display technologies become an integral component of public infrastructure, their underlying controllers require the same level of security oversight as any other internet-accessible operational system.

Timely patch management, removal of unnecessary external exposure, and strong authentication practices are all necessary to prevent vulnerabilities from becoming avenues for real-world disruption. These findings remind operators that the resilience of public-facing digital infrastructure depends on both its deployment and its design in equal measure.

Anthropic to Restore Access to Claude Fable 5 After U.S. Lifts Export Controls



Anthropic is preparing to restore access to its Claude Fable 5 artificial intelligence model after the U.S. Department of Commerce lifted export controls that had temporarily restricted deployment of the company's most advanced AI systems.

The company announced on X that access to Claude Fable 5 will begin returning on Wednesday following the government's decision. Anthropic also confirmed that the export restrictions affecting both Claude Fable 5 and Claude Mythos 5 have been removed.

"We've received notice that the Department of Commerce has lifted export controls on Claude Fable 5 and Mythos 5," the company said in its statement, adding that it will begin restoring access on Wednesday and provide additional updates as the rollout progresses.

Anthropic also thanked its community for its patience during the temporary suspension and acknowledged the teams involved in preparing the models for redeployment.

Although the rollout is set to begin immediately, the company has not clarified whether Claude Fable 5 will become available to all users at the same time. It remains uncertain whether users outside the United States will regain access during the initial phase of the deployment or whether availability will expand gradually across different regions.

The export restrictions were introduced earlier after U.S. authorities raised national security concerns surrounding the deployment of highly capable frontier AI models. During that period, Anthropic temporarily suspended access while it worked to comply with government requirements and strengthen safeguards governing the release of its latest systems.

While restoring access to its models, Anthropic also appears to be expanding identity verification measures for certain Claude services.

Recent references to Know Your Customer (KYC) procedures discovered on the company's website suggest that some users may soon be required to verify their identities before accessing specific Claude capabilities. The references have prompted speculation that advanced models such as Claude Fable 5 could initially be limited to verified users or become available only in certain regions as Anthropic gradually expands access.

According to Anthropic's support documentation, identity verification is being introduced for a limited number of use cases. Users may encounter verification requests when using particular Claude features, during routine platform integrity reviews, or as part of broader safety, security and regulatory compliance checks.

The company says the verification process is intended to reduce abuse of its AI systems, enforce platform usage policies and meet legal obligations associated with operating increasingly powerful AI technologies.

"Being responsible with powerful technology starts with knowing who is using it," Anthropic said while explaining the purpose of the new verification measures.

Anthropic has selected Persona as its identity verification provider. Users who are asked to complete verification may be required to submit a valid government-issued photo identification document, including a passport, driver's license, state or provincial identification card, or a national identity card.

The company notes that several forms of identification will not be accepted during the verification process. These include photocopies, screenshots, scanned documents, mobile IDs, student identification cards, employee badges, bank cards and temporary paper identification documents.

Some users may also be asked to complete a live selfie verification using the camera on a computer or mobile device. According to Anthropic, the entire verification process typically takes less than five minutes to complete.

Addressing privacy concerns, the company says identity documents and selfie data are collected and stored by Persona rather than directly within Anthropic's own systems. However, Anthropic may access verification records through Persona when necessary, including during account review or appeal processes.

Anthropic also emphasized that identity verification information is not used to train Claude's AI models. Instead, the data is used solely to confirm a user's identity and to satisfy the company's legal, safety and compliance responsibilities.

The restoration of Claude Fable 5, together with the introduction of targeted identity verification measures, reflects the growing intersection of frontier AI development, government oversight and platform security. As developers release increasingly capable AI systems, compliance requirements, export regulations and stronger user verification are becoming a more prominent part of deploying advanced models responsibly.

Chatting Without Username: WhatsApp Rolls Out Username Feature


When a new person walks into our lives, sharing our phone numbers can be a big step as it’s personal and connected to many spheres of our lives. At times, we wish to chat without revealing our contacts. 

WhatsApp users will soon have a new option to talk without exposing their contact numbers. Prior to the wider update set for this year, WhatsApp has started launching username reservations in advance, permitting people to pre-claim a unique username before the feature becomes publicly available. 

“For most people, choosing a WhatsApp username should be something unique that only people you want to contact you will know. If you need help picking one, we have a username generator to make one work just for you. We also know that some people like creators, small businesses, and organizations may want to maintain a consistent presence online. For them, we reserved an option to claim their existing Instagram or Facebook username on WhatsApp,” WhatsApp wrote in its blog.

This move is said to be one of WhatsApp’s biggest privacy-focused changes, allowing users to start chats through a username instead of showing their contact number. WhatsApp announced the feature in a recent official blog post and said the launch will take place gradually over the next few months.

Users can book usernames

The company has started allowing users to book a username in advance so that they have a better chance of getting the handle they want. The early reservation process matters because WhatsApp now has over three billion users across the world. The feature will be optional and will gradually allow users to show a user handle instead of their contact number when texting someone for the first time (but the username has to be turned on).

How to set a user handle

Users can see the feature by updating to the latest version and going to Settings > Account > Username.

The users will get an in-app notification when the feature is available in their country. 

If someone has already taken your username, WhatsApp will offer a built-in handle generator that provides alternative unique handles.

Focusing on privacy and security

Unlike many social media platforms, WhatsApp will not launch a searchable username directory. Users can only contact someone if they know the specific username.

Post-Quantum Cryptography Readiness Becomes a Strategic Cybersecurity Priority for Enterprises

 

Though practical quantum computers may still be years away, organizations are already preparing for the security risks they could create. Post-quantum cryptography has shifted from research into real-world planning as experts warn current encryption could eventually become vulnerable. Rather than waiting for that moment, many businesses are reviewing existing systems now. 

Early preparation is increasingly viewed as essential because delaying changes could make future transitions far more difficult. Fresh policies are adding urgency by setting clear expectations for organizations responsible for protecting critical infrastructure and sensitive data. Quantum readiness is no longer seen as only an IT issue but a business-wide priority involving leadership, governance, funding, and long-term planning. 

Instead of simply replacing outdated encryption, organizations are expected to build flexible strategies that can adapt to future cryptographic standards. A major concern is the “harvest now, decrypt later” threat. Attackers may steal encrypted information today and store it until quantum computers become powerful enough to decrypt it. 

Intellectual property, healthcare records, financial information, source code, and government communications with long-term value could all become exposed in the future, even if current encryption remains secure against today’s computers. The challenge is no longer just preparing for future technology but protecting data that must remain confidential for years. Organizations handling highly sensitive or regulated information may need to begin migration sooner because the consequences of delayed action could be far greater.  

Cybersecurity leaders recommend assigning clear ownership of post-quantum initiatives instead of leaving responsibility with individual application teams. Cross-functional groups involving security, IT, engineering, legal, compliance, procurement, and business leadership are better positioned to manage the transition since encryption supports nearly every part of modern digital operations. 

A critical first step is identifying where cryptography exists throughout the organization. Many companies lack a complete view of which systems rely on specific algorithms, certificates, keys, authentication methods, APIs, cloud environments, and third-party services. Without that visibility, assessing risks or deciding migration priorities becomes extremely difficult. Security experts also stress that this inventory should remain continuously updated rather than existing as a static spreadsheet. 

Ongoing visibility helps organizations identify systems requiring stronger protection, understand dependencies, provide accurate regulatory reporting, and give executives a realistic view of progress. Once cryptographic assets are fully mapped, organizations can prioritize migration based on business impact. Systems protecting customer information, healthcare data, financial services, critical infrastructure, digital identities, and software integrity generally require attention before less critical environments, allowing organizations to spread the transition over several years. 

Preparing for post-quantum security also requires dedicated investment. Funding must support discovery tools, testing environments, migration programs, automation, and governance. Organizations will also need specialists with expertise in cryptography, enterprise architecture, public key infrastructure, compliance, and cybersecurity to guide the transition effectively. Long-term success depends on achieving crypto-agility—the ability to update cryptographic algorithms without rebuilding entire systems. 

Rather than treating post-quantum cryptography as a one-time project, many organizations are designing adaptable security architectures capable of evolving alongside future standards. As artificial intelligence, autonomous technologies, and increasingly complex digital ecosystems continue to expand, flexible cryptographic infrastructure will become even more important.  

Although no one knows exactly when quantum computers capable of breaking today’s encryption will become reality, many cybersecurity experts believe organizations should begin preparing now. Companies that establish governance, maintain visibility into cryptographic assets, and gradually modernize their infrastructure will be better positioned to adapt as quantum computing—and the security landscape—continues to evolve.

GPT-5.6 Sol Debuts With Enhanced Cyber Protections, Limited to Trusted Partners


 

An open preview of OpenAI's next-generation GPT-5.6 model family has been introduced under tight control, marking an important milestone in the advancement of frontier artificial intelligence with an equal emphasis on cybersecurity and responsible deployment. The release is anchored by GPT-5.6 Sol, the company's most advanced and security-hardened model to date. 

It introduces a three-tier architecture comprising Sol, Terra, and Luna, each of which is specifically designed to meet distinct performance, cost, and deployment requirements in software engineering, scientific research, professional knowledge work, computer use, and cybersecurity. OpenAI has restricted access to its API and Codex platforms to a select group of trusted partners following a formal request from the Trump administration rather than releasing the technology to the general public immediately. 

This cautious strategy emphasizes rigorous security evaluation, controlled real-world testing, and resilience against misuse before the product becomes broadly available.

GPT-5.6 Introduces a New AI Model Architecture

Alongside its flagship launch, the GPT-5.6 release begins a long-term restructuring of OpenAI's model portfolio, replacing sequential branding with permanent capability tiers that differentiate performance, efficiency, and deployment.

Within this framework, Sol is the flagship model for advanced reasoning and technical tasks, Terra delivers performance comparable to GPT-5.5 at approximately half the operational cost for enterprise-scale deployments, and Luna is designed for low latency and low operating cost in high-volume inference applications. Unlike GPT-5.5, which emphasized reasoning and coding improvements, GPT-5.6 emphasizes defensive cybersecurity, controlled deployment, and capability-specific safeguards, reflecting the general trend toward security-aware frontier AI.

The company states that the phased deployment reflects ongoing engagement with federal authorities in an effort to align future frontier AI releases with the objectives outlined in the recent Executive Order governing the assessment of advanced artificial intelligence systems for national security purposes. 

Preparedness Framework Strengthens Cybersecurity Safeguards 

Security remains central to the GPT-5.6 rollout. In its Preparedness Framework, OpenAI has categorized Sol, Terra, and Luna as High Capability models for the cybersecurity, biology, and chemical domains. However, none of these models currently meets the High Capability threshold for AI self-improvement.

To reduce the dual-use risks associated with increasingly capable foundation models, the company has adopted capability-specific safeguards rather than a uniform protection layer. The security architecture combines policy-level restrictions with automated classifiers that continuously analyze cybersecurity- and biology-related prompts in real time.

When potentially high-risk interactions are detected, response generation is temporarily halted until a secondary reasoning model reviews the conversational context to determine whether to allow or restrict the response. OpenAI can also conduct a risk assessment at the account level to help differentiate legitimate security research and vulnerability analysis from potentially malicious behavior.

GPT-5.6 Sol Demonstrates Strong Defensive Security Performance

OpenAI's benchmark results show that GPT-5.6 Sol delivers competitive performance in defensive cybersecurity tasks while operating with significantly higher computational efficiency as compared to GPT-5.6 Sol. When evaluated on ExploitBench, Sol achieved results comparable to those of leading frontier systems such as Mythos Preview, with one-third more tokens required for output.

In internal testing of large Chromium and Firefox codebases, the model demonstrated the capability of identifying software flaws, isolating vulnerabilities, and providing patching advice as well as basic exploitation primitives. In addition, OpenAI pointed out that the system did not independently develop complete multistage exploit chains, reinforcing its goal of supporting defensive security research rather than facilitating offensive cyber operations. 

Red-Teaming and Safety Testing Ahead of Deployment

The OpenAI preview version underwent more than 700,000 A100-equivalent GPU hours of automated red-teaming to strengthen resilience against misuse. Rather than focusing solely on isolated prompt failures, the testing program targeted systemic weaknesses as well as universal jailbreak techniques capable of bypassing model safeguards across a variety of scenarios.

In the coming week, OpenAI plans to make the models available to a wider range of API and Codex partners. OpenAI also warns against making government-mediated pre-clearance a permanent requirement for frontier AI deployments. If restrictions are prolonged, advanced defensive capabilities may not be available when the wider cybersecurity community needs them to combat rapidly evolving threats.

Pricing, Capability Tiers and Enterprise Availability 

OpenAI has also revised its naming strategy, with generation numbers identifying the model family and Sol, Terra, and Luna remaining as persistent capability layers. The company has established a tiered pricing structure based on token consumption, with GPT-5.6 Sol priced at $5 per million input tokens and $30 per million output tokens, Terra at $2.50 input and $15 output, and Luna at $1 input and $6 output, in accordance with the performance profiles and deployment scenarios of each model.

As part of OpenAI's ongoing commitment to the enterprise, GPT-5.6 Sol will be released on Cerebras in July, delivering inference speeds of up to 750 tokens per second for enterprises with high-throughput AI requirements. 

Government Oversight Shapes GPT-5.6 Rollout 

GPT-5.6's limited release has also become a focus of the ongoing debate over national security oversight of frontier AI systems. According to OpenAI, the decision to limit the initial release followed the Trump administration's request for a staggered rollout while government agencies evaluated the impact of the model's advanced capabilities.

Sam Altman, the Chief Executive Officer of OpenAI, has subsequently advised employees that access to the preview will be approved individually as part of the coordinated rollout process. The request was made in consultation with the Office of the National Cyber Director, the Office of Science and Technology Policy, and Howard Lutnick, Secretary of Commerce. 

Even as it cooperated with the temporary review process, OpenAI maintained that government-mediated access should remain an exceptional measure rather than a long-term deployment model, arguing that extended restrictions may deter developers, enterprises, and cybersecurity practitioners from implementing critical AI capabilities.

New Reasoning Modes Expand Defensive AI Capabilities 

 Along with deployment and governance, OpenAI has also enhanced the defensive security capabilities of GPT-5.6. According to OpenAI, GPT-5.6 is designed to make prohibited offensive activities more difficult, uncertain, and detectable while preserving legitimate applications such as code review, vulnerability research, patch development, and defensive security testing. 

The Max Reasoning Effort mode introduced in GPT-5.6 supports this approach by allowing Sol to allocate considerable computational resources to complex problems before providing responses. Ultra reasoning extends long-running tasks that require sustained planning and multi-step analysis beyond conventional single-agent execution by orchestrating multiple parallel subagents that collaborate.

Scientific Benchmarks and OpenAI's Cybersecurity Roadmap

GPT-5.6 is the latest model family from OpenAI that demonstrates the company's commitment to AI-based defensive cybersecurity. Additionally, the company recently introduced GPT-5.5-Cyber as part of its Daybreak initiative, a specialized model for automated vulnerability discovery, patch generation, and software remediation. 

The OpenAI model achieved state-of-the-art performance across CyberGym (85.6%), ExploitGym (39%), and SEC Bench Pro (69.8%), a significant improvement over GPT-5.5 baselines. Additionally, GPT-5.6 Sol has demonstrated improved performance on GeneBench v1 and improved reasoning efficiency, indicating that the latest releases are an integral part of a broader strategy: advancing frontier AI capabilities while also investing equally in tools and safeguards necessary for enhancing cyber defenses.
