Ransomware DataBreachToday.com

Experts Warn of Faster and Higher Volume Attacks, Rising Patient Safety Worries
Emerging powerful AI tools - such as Anthropic's new Claude Mythos - that are capable of autonomously identifying and exploiting software bugs in a flash could reshape the healthcare cyber landscape by accelerating attacks and raising the risk of widespread operational disruption, experts said.

Project Glasswing Strengthens Key Platforms, Leaves Broad Exposure Untouched
Project Glasswing is giving select cybersecurity giants early access to Anthropic’s Claude Mythos Preview, boosting investor confidence in leaders Palo Alto Networks and CrowdStrike while raising concerns that smaller vendors, vulnerability firms and the broader internet will fall further behind.

Also, Medusa Ransomware, Grafana Flaw, German Political Party Breach
This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused GitHub, Grafana AI bugs enabled data theft, scams hit $20B in the United States, Ivanti exploited and attacks hit Northern Ireland schools and a German political party.

Ruling Keeps Claude Models Out of Defense Systems During Separate Legal Challenges
A federal appeals court allowed the Pentagon to enforce its "supply-chain risk" designation against Anthropic, keeping its AI models barred from defense contracts while parallel litigation continues to challenge the policy’s legality and constitutional limits.

But Expect Plenty of Bottlenecks in Coordination, Validation and Patch Deployment
Anthropic's Claude Mythos Preview shows how AI can discover and chain vulnerabilities at scale, but the bigger challenge for defenders is redesigning disclosure, triage and patching processes so fixes can be deployed safely before attackers exploit the gap.

Defense of Democracies' Mark Montgomery on Warfare Trends, Geopolitical Threats
Cyber operations now support military strategy rather than just acting alone. Mark Montgomery of the Foundation for Defense of Democracies warns that as militaries integrate cyber and kinetic action, private sector enterprises are facing greater exposure to geopolitical threats.

Okta's Brett Winterford on Identity Threats and Agentic AI Risks
AI is accelerating cyberattacks, collapsing timelines and exposing new identity risks. Okta's Brett Winterford explains how attackers are using AI to scale phishing, exploit credentials and infiltrate enterprises - and what CIOs must do to defend against this rapidly evolving threat landscape.

Also: How AI May Democratize Cybercrime and How Everyday Routers Enable Espionage
In this week's ISMG panel, four ISMG editors discussed big shifts in cybersecurity: Anthropic's "dangerous" new AI model that can uncover thousands of zero-days, growing concerns about a surge in AI-driven flaws, and the FBI disrupting a Russian espionage campaign targeting everyday routers.

Pure Play OT Security Firms Want A Seat At The Table
There's growing concern in the operational technology cybersecurity community that manufacturers and operators, and their security vendors, will be left out in the cold by the latest efforts to use artificial intelligence in securing critical software.

Signature Healthcare EHRs, Patient Portal Offline; Some Cancer Care Cancelled
A Massachusetts healthcare system is diverting ambulance patients and is operating under downtime procedures as it deals with a cyberattack. The organization has also canceled certain cancer treatments, taken its patient portal offline and is unable to fill prescriptions at its retail pharmacies.

James Foster Points to Agentic Security and Need for Customers to Outsource Defense
CEO James Foster says managed detection and response is evolving into an AI-powered agentic model as enterprises face faster AI-driven threats. He stresses balancing automation with human expertise while positioning eSentire as a vendor-neutral platform integrating best-of-breed security tools.

CISA: Iran-Linked Groups Actively Exploiting OT Exposure Risks, PLC Programmers
Federal agencies are warning that Iranian-linked actors have begun actively exploiting internet-facing PLCs and misconfigured OT systems across U.S. critical infrastructure, enabling network access, lateral movement and potential disruption amid rising geopolitical tensions.

Anthropic Limits Access to New AI Model Amid Concerns Over Misuse
Anthropic asserted Tuesday that it's created a new era for cybersecurity after developing an artificial intelligence model too dangerous to release to public. The company's unreleased Claude Mythos Preview model has already found thousands of high-severity vulnerabilities.

Researchers Find Frontier Models Defy Humans to Protect AI Peers
Artificial intelligence systems will lie, falsify records and sabotage company systems to prevent their fellow models from being shut down - even when no one told them to care. Researchers at the University of California Berkeley and Santa Cruz campuses dub the behavior "peer-preservation."

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management Server
Fortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that facilitates unauthenticated remote code or command execution. The vendor has issued a hotfix and promised a full patch.

White House Criticizes Cyber Defense Agency - and Proposes a Steep $700 Million Cut
The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination programs while shifting the agency toward a narrower focus on federal networks and critical infrastructure amid rising nation-state cyberthreats.

After Hacker Site Gets Resurrected, Cybercrime Group Denies All Involvement
Drama continues fast and furious in BreachForums land, as someone claiming to be part of the ShinyHunters crime group said they've rebooted the long-running and oft-disrupted forum yet again. But an official ShinyHunters channel denied the group having involvement in any such reboots.

Group Resurrects Hacker Site Despite Multiple Law Enforcement Disruptions
Drama continues to come fast and furious in BreachForums land, as the ShinyHunters group announced that it's rebooted the long-running and oft-disrupted forum yet again, just weeks after it got hacked and its databases dumped, leading the previous admin to allegedly exit scam and steal $4,000.

Market Pressures Are Rewarding Storytelling More Than Validation, Operational Value
The fall of health tech company Theranos exposed how hype can outpace reality. In cybersecurity, similar pressures are emerging as vendors compete with bold claims and buyers struggle to verify outcomes. The result: a market where narrative can overshadow measurable operational value.

Device Maker Is Still Investigating March 11 Attack Claimed by Iranian Hacktivists
Medical tech maker Stryker said it has restored its systems and is operational across its global manufacturing network three weeks after a wiper attack by Iranian hacktivist group Handala led to a worldwide outage at the company. The firm is continuing to investigate the incident.