China-linked threat actors hijacked a target organization's full authentication infrastructure and maintained undetected access for a decade. A 10-year dwell time on an isolated network signals pre-positioned intelligence collection at a scale most incident response frameworks cannot detect.
BleepingComputer
· 18h ago
FCC proposes rules targeting anonymous prepaid phones; Microsoft's largest-ever Patch Tuesday drops alongside ShinyHunters exploiting an Oracle zero-day. ShinyHunters' zero-day use marks an escalation from credential theft to active vulnerability exploitation.
Wired Security
· 21h ago
Commerce Department ordered Anthropic to block all foreign nationals from Fable 5 and Mythos 5, forcing a global suspension; Anthropic complied while disputing the jailbreak rationale. The move sets a precedent for export-control-style restrictions applied directly to commercial AI model access.
BleepingComputer
· 22h ago
Anthropic suspended Fable 5 and Mythos 5 worldwide after Commerce Department declared them national security concerns under export control authority. Applying export-control decrees to AI model availability—not just hardware—marks a structural shift in how Washington regulates frontier AI.
CyberScoop
· 13h ago
Former Iowa school district IT employee sentenced to 21 months after deleting accounts and disrupting classrooms, causing tens of thousands in damages. Case underscores insider-threat risk from offboarded privileged users retaining or reusing administrative access.
BleepingComputer
· 11h ago
Splunk Enterprise versions below 10.2.4 and 10.0.7 carry CVE-2026-20253, a CVSS 9.8 flaw allowing unauthenticated remote code execution via arbitrary file creation or truncation. Splunk's ubiquity in SOC and SIEM stacks makes unpatched instances a high-value pivot point for attackers already inside enterprise networks.
The Hacker News
· 19h ago
NPM 12 will require explicit opt-in before executing scripts from installed dependencies, closing a primary vector for supply chain attacks. The default-deny shift directly targets the malicious-package attack pattern that has compromised thousands of downstream projects over the past four years.
SecurityWeek
· 16h ago