Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Latest News

FCRF Launches India’s Largest Cybercrime Hackathon for 2026

  The Future Crime Research Foundation (FCRF) has announced what is being positioned as India’s largest cybercrime hackathon, a move that re...

All the recent news you need to know
zhipu ai
AI Policy Artificial Intelligence China Cyber Security USA vulnerability zhipu ai

China's New AI Model Challenges U.S. Cybersecurity Leaders

 



China's latest open-weight artificial intelligence model is drawing attention within the cybersecurity community after independent evaluations indicated that it can rival some of the vulnerability detection capabilities of leading U.S. frontier AI systems. The findings are fueling renewed debate over whether restricting access to advanced American AI models is enough to slow the spread of powerful cyber capabilities.

Chinese AI company Zhipu AI, also known as Z.ai, released its GLM-5.2 model on June 13 under a permissive open-weight license. Unlike proprietary AI systems that are only accessible through controlled cloud services, open-weight models allow researchers and developers to download the model weights and run them on their own hardware. This approach enables offline deployment, customization through fine-tuning, and unrestricted experimentation without requiring ongoing approval from the model developer.

The release stands in contrast to Anthropic's Claude Mythos, one of several advanced AI systems whose availability has been limited under U.S. export controls because of concerns that highly capable models could be misused for offensive cyber operations. While GLM-5.2 still falls behind leading models from Anthropic and OpenAI across many general-purpose reasoning benchmarks, recent testing suggests it performs remarkably well in one highly specialized area: identifying software vulnerabilities.

Independent benchmarking conducted by Semgrep found that GLM-5.2 achieved an F1 score of 39% when detecting Insecure Direct Object Reference (IDOR) vulnerabilities. IDOR flaws arise when applications expose internal object identifiers without properly verifying whether a user is authorized to access the requested resource, making them a common source of unauthorized data access and privilege abuse. Under the same evaluation conditions, Claude Code recorded scores ranging from 32% to 37%, placing GLM-5.2 slightly ahead in this specific cybersecurity task.

The benchmark also underlined a notable economic advantage. Researchers estimated that GLM-5.2 identified vulnerabilities at an average cost of approximately $0.17 per finding, roughly one-sixth of the cost associated with comparable Claude-based workflows. Lower operating costs could make advanced AI-assisted vulnerability research accessible to a much broader range of organizations, independent researchers, and software security teams.

Additional benchmarking conducted by Graphistry reached similar conclusions, reinforcing the view that an openly downloadable Chinese model can compete with frontier U.S. AI systems in narrowly focused cybersecurity applications. The independent evaluations are particularly noteworthy because they relied on standardized testing methodologies designed to reduce benchmark contamination and minimize vendor-specific bias.

The findings arrive amid growing concern in Washington over the national security implications of frontier artificial intelligence. The Trump administration has increasingly treated advanced AI models such as Mythos and Fable as strategic technologies because of their ability to automate complex cybersecurity tasks, including discovering previously unknown software vulnerabilities that could potentially be weaponized in cyber operations.

Those concerns have shaped U.S. export control policies that restrict access to some advanced AI systems for foreign organizations, including researchers based in China. The underlying assumption behind these controls is that limiting access to the most capable American models would delay competing nations from acquiring comparable cyber capabilities. GLM-5.2's performance is prompting renewed questions about whether restricting model access alone can achieve that objective when capable alternatives are being developed elsewhere.

The discussion is further informed by Anthropic's Project Glasswing, which previously demonstrated the cybersecurity potential of frontier AI by identifying more than 10,000 critical software vulnerabilities during its initial research phase. The project illustrated how advanced language models can assist security researchers in reviewing large codebases, prioritizing weaknesses, and accelerating vulnerability discovery. If open-weight models begin approaching similar levels of performance, comparable capabilities may no longer remain exclusive to a small number of tightly controlled AI providers.

The latest development also comes shortly after OpenAI introduced GPT-5.6 with limited availability because of concerns surrounding misuse. Together, these decisions reflect a broader effort by U.S. AI developers to place increasingly capable models behind controlled access mechanisms while balancing innovation with national security considerations.

Cybersecurity researchers note that advances in open-weight models create opportunities as well as risks. Defensive teams could use these systems to automate code reviews, strengthen secure software development practices, and accelerate vulnerability remediation. At the same time, threat actors may attempt to exploit the same capabilities to identify weaknesses in software before organizations have an opportunity to patch them. Because GLM-5.2 can be downloaded and operated locally, these capabilities are available globally regardless of whether users have access to commercial U.S. AI services.

The emergence of GLM-5.2 does not necessarily indicate that Chinese AI has surpassed American frontier models across every benchmark. However, its strong performance in specialized cybersecurity evaluations suggests that the technological gap is narrowing in selected high-value domains. The development is likely to intensify debate over whether hardware restrictions and access controls alone are sufficient to preserve leadership in AI-driven cybersecurity, or whether future policy must place greater emphasis on strengthening defensive capabilities, accelerating software patching, and preparing for a world where advanced vulnerability discovery tools become increasingly accessible worldwide.

Read more »
Isreal
Critical Infrastructure critical infrastructure attack Cyber Attacks cyber intrusion Iran Cyber Attacks Isreal

Iran-Linked Cyberattacks Against Israel Triple as Critical Infrastructure Faces Rising Threats

 

Surging numbers of cyber intrusions tied to Iran have been logged by Israeli officials, revealing persistent digital hostilities despite lulls in physical warfare. The National Cyber Directorate notes attacks on critical systems now occur at almost three times the frequency seen twelve months ago - this escalation suggests online defenses are just as vital as traditional security setups. While battlefield activity slows, unseen operations thrive behind screens. 

Back in June 2026, Israel saw nearly 4,800 hostile cyber events, according to Yossi Karadi, head of the country's National Cyber Directorate. That number comes from remarks he shared with the German publication Die Welt. Compared to just 1,600 incidents logged one year earlier - during June 2025 - the rise is sharp. 

At that time, Israeli forces were carrying out military actions targeting Iran. Even when fighting slows on the ground, digital clashes do not pause. Though truces might calm frontlines, hacking efforts persist without rest. Karadi pointed out that numerous hacker collectives operate with high-level skills. Despite strong national safeguards, these actors demand ongoing attention. Round-the-clock watch remains necessary, he emphasized. 

One Israeli official noted that the assaults hit many types of groups, not just state bodies. Beyond governmental units, vital utility providers found themselves under pressure. Public administrative hubs also faced repeated digital intrusions. Smaller commercial ventures weren’t spared either - many reported breaches. Accounting practices appeared on the list of compromised entities recently. Legal consultancies showed up frequently in incident reports too. 

So far, Israeli officials say key systems have stayed safe even as attack attempts increase. Confidence in defense strength comes through clearly in Karadi’s remarks - yet he points out dangers still linger. Vigilance must hold steady, because risks remain real and constant. Even when some breaches on vital systems were stopped, firms with poor digital safeguards faced harsher outcomes. 

Some businesses, noted Karadi, fell harder because they were simpler targets - leading to total erasure of their networks after hackers got in. The names of those hit stayed undisclosed. Technical specifics about how it happened? Left out too. 

Across global tensions, digital attacks now routinely accompany physical warfare. Rather than staying separate, hacking efforts blend into modern conflict strategies. Government-linked hackers shift toward striking infrastructure, officials, and corporate networks - often at the same time as troop movements. 

These actions aim less at immediate damage, more at stealing secrets or wiping records clean. Public trust erodes when utilities or institutions face repeated intrusions. Hidden agendas drive many breaches, masking long-term influence goals behind technical exploits. Even though Iran denies launching cyber operations against other nations, it often highlights attacks aimed at its domestic institutions. 

Assigning blame for digital intrusions among states is rarely straightforward - officials commonly reject accusations, leaving experts to piece together evidence using forensic data and collected insights. Despite shifts in traditional combat, cyber operations show no slowdown - recent data from Israel’s National Cyber Directorate confirms their steady rise. 

With global friction still simmering, state-backed hacking efforts keep mounting. Institutions across sectors find themselves under growing strain to adapt defenses accordingly. Sophistication matters more than size when confronting these digital intrusions. Readiness now hinges on responsiveness, not just preparation.
Read more »
KDDI hack
Data Breach email security ISP email breach Japan cyberattack KDDI data breach KDDI hack

KDDI Data Breach May Have Exposed Email Credentials of Up to 14.22 Million ISP Users in Japan

 

Japanese telecommunications giant KDDI Corporation has disclosed a cybersecurity incident that may have compromised the email credentials of millions of users. According to the company, attackers gained unauthorized access to an email system that supports services for five internet service providers (ISPs) in Japan.

KDDI detected the security breach on June 17 and said it took immediate action to block the attackers while deploying additional security measures to contain the incident.

The company's investigation found that the intrusion occurred after threat actors exploited a vulnerability in third-party software used within KDDI's email infrastructure.

"Although technical defensive measures have already been implemented for the system, there remains a possibility that customers' email addresses and passwords were obtained by unauthorized third parties as a result of the incident," KDDI warns.

Up to 14.22 Million Accounts Potentially Affected

KDDI, one of Japan's largest internet service providers, employs around 45,000 people and generates annual revenue of approximately $32.4 billion. Established in 2000 through the merger of IDO, DDI, and KDD, the company serves millions of customers across the country.

The breach impacted email services operated by the following ISPs:

  • STNet, Inc.

  • JCOM Co., Ltd.

  • Chubu Telecommunications Co., Inc.

  • NIFTY Corporation

  • BIGLOBE Inc.

While the investigation remains ongoing, KDDI estimates that email addresses and passwords belonging to as many as 14.22 million current, former, and inactive customer accounts may have been exposed.

The company noted that a portion of the affected passwords had been stored in hashed and/or encrypted form, reducing the likelihood of immediate misuse if accessed by attackers. However, it did not disclose the encryption method used or clarify how many passwords, if any, were stored in plaintext.

Authorities Notified, Customers Advised to Reset Passwords

Since identifying the breach, KDDI has informed the affected ISP operators and reported the incident to Japan's Personal Information Protection Commission as well as the Ministry of Internal Affairs and Communications.

The telecom operator is working closely with the impacted ISPs to strengthen security measures and reduce potential risks stemming from the incident.

Customers whose accounts may have been affected are advised to reset their email passwords immediately. KDDI also recommends enabling two-factor authentication (2FA), where available, to provide an additional layer of account security.

Read more »
US AI Regulation
AI Export Controls AI National Security Anthropic Mythos 5 Artificial Intelligence Governance Frontier AI Security OpenAI GPT-5.6 Privacy Secure AI Deployment US AI Regulation

US Opens the Door for Trusted Organizations to Use Anthropic's Mythos AI


With a significant shift in U.S. government policy toward frontier artificial intelligence deployment, limited access has been restored to Anthropic's advanced Mythos 5 model, signaling a more targeted regulatory strategy than a blanket ban. 


Following a suspension of the model earlier this month due to national security concerns, U.S. authorities have now authorized its release to a carefully vetted group of organizations, including major Fortune 500 companies, which have been carefully vetted. 

Washington has emphasized the importance of balancing artificial intelligence innovation with national security safeguards, as increasingly capable foundation models are subject to increased scrutiny over their potential misuse by foreign military and intelligence entities. 

Additionally, the move is a useful illustration of a growing trend in which governments are increasingly influencing the deployment of cutting-edge AI systems and in which access to those systems is increasingly linked to trust, security compliance, and controlled distribution rather than unrestricted public access. 

Regulatory discussions prompted by the U.S. government's export control order issued on June 12, which required Anthropic to suspend access to both Mythos 5 and its companion model, Fable 5, while officials assessed the possible national security implications of releasing frontier artificial intelligence capabilities, led to the latest authorization. 

As the administration noted, it was concerned that highly capable generative AI models could be exploited by military or intelligence agencies linked to China, Russia, and other countries considered strategic risks. In light of this, Anthropic sought to strengthen compliance measures with the U.S. authorities, ultimately obtaining approval from the Secretary of Commerce Howard Lutnick to reactivate Mythos 5 to a limited network of vetted partners. 

However, Fable 5 remains subject to export restrictions while regulatory assessments are being completed. There has also been a broader shift in policy, as OpenAI announced it had postponed the full public rollout of GPT-5.6 at the request of U.S. officials, limiting early access to a small number of pre-approved organizations whose identities were disclosed to the government in response to the change. 

Together, these developments demonstrate the growing regulatory framework for the deployment of frontier AI models, in which access to these models is increasingly restricted, government oversight is continuous, and available models are available to a narrower audience rather than being made available widely to the public. 

While the government has reversed the partial policy, its selective approval process continues to polarize discussion over the need for transparency and competitive fairness as frontier AI models are deployed. As a consequence of the lack of clearly defined eligibility criteria, federal agencies have accumulated considerable discretion, leaving companies outside the approved ecosystem with little insight into the decisions made regarding access. 

As a legislative counsel for the Foundation for Individual Rights and Expression, John Coleman has questioned the opaque vetting framework, arguing that a lack of transparency in participant selection raises broader concerns about accountability and the consistency of regulatory authority application. 

Achieving the same objective, Commerce Secretary Howard Lutnick confirmed that organizations on the approved list of trusted organizations, as well as their employees, including non-U.S. citizens, as well as Anthropic's own international workforce, will be exempt from requiring individual export licenses to access Mythos 5. 

Licensing requirements, however, will remain in force for organizations outside of the government's trusted network. A number of the approved entities have been participating in Anthropic's Project Glasswing initiative, a collaborative effort between approximately 100 established technology companies and research institutions. It is also being discussed whether or not Fable 5 will be authorized in the future, although no implementation dates have been disclosed.

Increasing national security concerns increasingly influence commercial deployment strategies, which is reflected in the evolving regulatory framework which reflects a broader shift in how advanced artificial intelligence capabilities are governed. Although Fable 5 and Mythos 5 are based on the same underlying foundation model, the latter has been designed to be widely available with fewer deployment restrictions, making its continued suspension a noteworthy distinction in the government's risk assessment. 

A number of regulatory frictions have also resulted from Anthropic's refusal to support the use of its AI models for domestic surveillance and fully autonomous weapons systems. This stance exacerbated frictions between Anthropic and Washington. Additionally, both Anthropic and OpenAI continue to pursue public market ambitions while adjusting to the new compliance requirements introduced in President Donald Trump's executive order. 

By establishing a voluntary framework, the U.S. government will have the opportunity to review frontier artificial intelligence models up to 30 days before they are released to trusted partners under this voluntary framework. Analysts point out that while the latest authorization provides a practical mechanism for controlled deployment in the near-term, it does not resolve the question of how advanced AI systems are able to be deployed at scale. 

A former Commerce Department official and analyst at the Center for Strategic and International Studies, Ms. Koren warned that prolonged uncertainty surrounding broad model deployment could eventually erode the competitive advantage of U.S. AI developers. This could create opportunities for geopolitical rivals such as China to narrow their technological gap. 

Advance AI models are progressively being returned under tightly controlled access, signaling that frontier artificial intelligence has entered a new era where technical capability alone is no longer the determining factor of deployment. 

As governments refine oversight mechanisms for high-impact AI systems, developers, enterprises, and security teams must adjust to ever-evolving compliance requirements. Those considering integrating next-generation artificial intelligence need to closely monitor regulatory developments, export controls, and trusted access frameworks, as policy decisions are becoming an increasingly important aspect of AI adoption.
Read more »
Romania hospital cyberattack
BackMyData Data Breach Healthcare cybersecurity ransomware attack Romania hospital cyberattack

Romania's Swift Response Stops Massive Cyberattack on Hospitals, Offers Global Lessons in Healthcare Security

 

Romania's healthcare system faced one of its biggest cyber crises in February 2024 when a widespread ransomware attack targeted hospitals across the country, disrupting critical medical services and exposing the growing vulnerability of healthcare infrastructure to cybercriminals.

The attack began when hackers infiltrated the systems of Bucharest-based software company RSC, compromising its widely used hospital management platform, Hippocrates. As the malicious software rapidly spread to connected hospitals, officials at Romania's National Directorate for Cyber Security (DNSC) realized immediate action was necessary to prevent a nationwide catastrophe.

Faced with limited options, DNSC Director Dan Cimpean instructed more than 100 hospitals to disconnect from the internet immediately. The drastic measure successfully halted the spread of the ransomware but also left hospitals without internet access, email services, and connected medical systems.

Medical staff were forced to abandon digital records and return to manual processes, relying on handwritten documentation and paper-based workflows while cybersecurity experts investigated the breach and IT teams worked to restore operations.

The incident has since become an important case study for disaster response planners worldwide, demonstrating how healthcare systems can continue functioning during a major cyberattack.

Surgeon Oana Goidescu, who was working at Buzău Hospital when the attack unfolded, described the challenges medical staff faced.

"It was quite an unpleasant experience, because an IT record is not just a list of patients." She explained the extent of the disruption by adding: "For each patient, we request lab tests, radiology, medicines and supplies. All of that was gone."

The Hippocrates platform plays a central role in hospital operations, handling patient admissions, laboratory requests, pharmacy logistics, payroll, medical records, and diagnostic results. Once compromised, hospitals across Romania experienced widespread service failures.

The ransomware used in the attack, known as BackMyData, encrypted hospital files and demanded payment in Bitcoin to restore access.

The first warning signs appeared at Pitești Children's Hospital on the morning following the breach. By the next day, numerous hospitals reported that their Hippocrates systems had stopped functioning.

Cybersecurity specialists collaborated closely with the software provider to identify infected systems, isolate the malware, and begin recovery efforts.

Meanwhile, hospitals developed temporary offline systems to continue treating patients.

Vlad Paic from Carol Davila Hospital explained how his team adapted. When we saw the system would not be repaired quickly, we developed an offline method so we could register every patient. He added:"We asked the laboratory to give us results on paper. We used Excel and other offline tools to ensure care was not affected."

Romania's relatively recent transition to digital healthcare systems proved somewhat beneficial, as many staff members were still familiar with traditional paper-based procedures.

Investigators later confirmed that 26 hospitals had been directly infected with the BackMyData ransomware. Unaffected hospitals were gradually reconnected to the internet after additional cybersecurity protections were implemented.

Authorities also relied heavily on public communication throughout the crisis. Patients were advised to avoid hospitals unless absolutely necessary, helping reduce pressure on already strained facilities.

Despite these efforts, medical staff often faced frustration from worried patients.

Goidescu recalled: "We were asked, 'What if it were your mother?' They were right to be angry, but we tried to explain we were not at fault."

Romanian authorities also issued clear instructions that hospitals should neither negotiate with the attackers nor pay the ransom. The hackers had demanded €160,000 in Bitcoin, but the government refused payment and instead focused on restoring systems through secure backups.

Regular data backups proved invaluable, allowing most hospitals to recover their systems within five days. Although no deaths or serious patient harm were reported during the incident, healthcare workers spent weeks manually entering records created during the outage, while some information was permanently lost.

Investigators have not publicly identified those responsible for the attack. However, authorities previously dismantled a ransomware group linked to BackMyData in an international law enforcement operation that resulted in the arrest of four Russian nationals outside Russia.

Reflecting on the incident, Dan Cimpean warned that no country is immune from similar threats. "The more technology you have, the more digitised you are, the greater the risk."

The Romanian cyberattack reflects a broader global trend. In the United Kingdom, a cyberattack on an NHS blood-testing provider last year contributed to the first officially confirmed patient death linked to a cyber incident. In the United States, attacks on Change Healthcare and Ascension caused major disruptions, with Change Healthcare reportedly paying a $22 million ransom.

Cybersecurity experts say hospitals remain attractive targets because of their essential services.

Alina Bîzgă of cybersecurity company Bitdefender explained: "Hospitals handle critical services, and the criminals think that the more disruption that can be caused, the more likely they are to get paid a ransom."

The Romania incident highlights the urgent need for stronger cybersecurity measures, routine system backups, and well-prepared emergency response plans to safeguard healthcare services against increasingly sophisticated cyber threats.

Read more »
U.S. Policy
Digital Tax Trade Deal Tech Firms Technology Trump Tariff U.S. Policy

Trump Threatens 100% Tariff on Countries That Adopt Digital Services Tax

 

U.S. President Donald Trump has threatened to impose a 100 percent tariff on goods from any country that levies a digital services tax on American companies, escalating tensions with trading partners already weighing tougher rules on big tech. In a social media post on Friday, Trump said the tariff would apply immediately and would override existing trade agreements, whether those deals were already in force or still awaiting implementation. 

The move is aimed at countries, especially in Europe, that have discussed or adopted taxes on digital platforms and online services. Trump argued that these taxes unfairly target U.S. firms, many of which are among the world’s largest technology companies. Reuters reported that the warning came as several European governments continue to debate how best to tax digital businesses that generate revenue from local users without having a large physical presence. 

Trump’s message raises the risk of a fresh trade confrontation between Washington and key allies. By linking digital tax policy to broad import penalties, the White House is signaling that it may use tariffs as leverage in disputes that extend beyond traditional goods trade and into the regulation of the digital economy. Reuters noted that the announcement also came shortly after the European Union moved to reduce tariffs on U.S. goods, adding another layer of strain to transatlantic negotiations. 

The practical impact of the threat could be significant if implemented. A blanket 100 percent tariff would sharply raise the cost of exports to the United States and could hit sectors far beyond technology, depending on how broadly the measure is enforced. Reuters also noted that Trump said the tariff would supersede trade deals, a statement that adds uncertainty about how existing agreements might be affected if a country proceeds with a digital services tax. 

The latest warning fits a broader pattern in Trump’s trade approach, which has relied on tariffs as a bargaining tool against countries he says are treating American companies unfairly. For businesses, the announcement is another reminder that tax policy, trade policy and digital regulation are increasingly linked. For governments, it creates a sharper incentive to weigh the political and economic costs of taxing U.S. tech giants against the risk of retaliation from the United States.
Read more »
Subscribe to: Posts (Atom)

Featured