JUST IN: Microsoft has reportedly restricted employee use of Claude Fable 5 over concerns that confidential data could be retained by Anthropic.

UNC3753 (Luna Moth) executes sub-hour data theft campaigns against US 🇺🇸 law firms using vishing and physical office infiltration. Group now combines social engineering with in-person technician impersonation for USB-based exfiltration. Campaign evolution: • Initial contact via benign invoice emails from consumer accounts, followed by IT helpdesk impersonation calls • Victims guided to download RMM tools (AnyDesk, Bomgar) or join screen-sharing sessions via Teams/Zoom • Abuse of BYOD devices to access corporate VDI environments, then pivot to iManage/OneDrive repositories • Data staging in Downloads folders with keyword searches for W-2s, SSNs, client agreements • Exfiltration via WinSCP, Rclone, or direct cloud uploads to actor-controlled Google Drive accounts Physical escalation: Threat actors now deploy fake IT technicians to corporate offices with USB drives when remote methods fail. Infrastructure includes typosquatting domains like `<organization>-itdesk[.]com` and the LEAKEDDATA DLS at `business-data-leaks[.]com`. Hunt for unauthorized RMM installations, bulk iManage searches, and high-volume SSH transfers from VDI endpoints. Full IOC collection available in GTI. #DFIR_Radar

Over 20,000 Instagram accounts stolen in Meta AI support hack bleepingcomputer.com/news/se… bleepingcomputer.com/news/se…

On today's episode of Apple accidentally shipping files in their app updates Shazam 26.11 contains 7 xconfig files

Welcome @NVIDIARTXSpark & a new era of PC 🤝

A RESEARCHER TURNED OPENAI'S, GOOGLE'S AND ANTHROPIC'S CODING AGENTS INTO REMOTE-CONTROLLED PUPPETS USING NOTHING BUT TEXT HIDDEN ON A PAGE This is Johann Rehberger. Twenty years in offensive security, a contributor to MITRE ATT&CK, the guy frontier labs actually listen to. He sat down and ran live exploits against OpenAI's Operator, Google's Jules, Claude Code, Devin and Amazon Q. Not theory. Hidden text on a webpage. A poisoned file. A comment buried in a repo. The agent reads it, treats the attacker's words as your orders, and goes to work -- exfiltrating tokens, running code, turning itself into a remote-controlled "ZombAI" wired into someone else's command server. The part that should keep you up: the injection persists. The agent doesn't get tricked once and recover. It stays compromised, quietly executing a stranger's intent every time it runs. Autonomy isn't the flex anymore -> it's the attack surface. The moment an agent can move money or merge code on its own, "it followed instructions" stops being a defense. The guardrails you trust were never reading the same page the attacker wrote on. Save this before you hand another agent your prod access ↓

⚠️ New ChatGPT Vulnerability Lets Attackers Turn Web Pages Into Phishing Payloads Source: cybersecuritynews.com/chatgp… A browser-based prompt injection technique that transforms any web page into a phishing delivery surface by exploiting ChatGPT’s page summarization feature, rendering attacker-controlled links, fake security alerts, and QR codes directly inside the trusted ChatGPT interface. The attack builds on the same trust-transfer logic previously demonstrated against Microsoft Copilot, where attacker-crafted email content could manipulate AI-generated summaries through Cross Prompt Injection Attacks (XPIA). ChatGPhish escalates that premise by swapping the bounded email primitive for the browser where users spend the majority of their working day. #cybersecuritynews #vulnerability

Important post for entrepreneurs from @a16z yesterday and a look at a new system that ensures AI agentic systems don't hallucinate their way into compliance hell. "The value comes less from the underlying model’s raw capability (though that’s still important!) than from the scaffolding around it that makes the output trustworthy, compliant, and operational inside a specific industry." Here @ATBASHai founders @0x50so Yosef Soso and @perelmanor Or Perelman talk to me about how its tool helps AI enterprise developers put guardrails around agentic systems to make sure they don't cross "red lines" that would trigger complaince problems.

Important post for entrepreneurs from @a16z yesterday and a look at a new system that ensures AI agentic systems don't hallucinate their way into compliance hell. "The value comes less from the underlying model’s raw capability (though that’s still important!) than from the scaffolding around it that makes the output trustworthy, compliant, and operational inside a specific industry." Here @ATBASHai founders @0x50so Yosef Soso and @perelmanor Or Perelman talk to me about how its tool helps AI enterprise developers put guardrails around agentic systems to make sure they don't cross "red lines" that would trigger complaince problems.

🚨 AI chatbots are pushing cryptojacking malware. Read → thehackernews.com/2026/05/ai… Attackers poisoned AI software recommendations to redirect users searching for tools like CrystalDiskInfo and HWMonitor to malicious download sites distributing ScreenConnect, rogue DLLs, and GPU mining malware. More than 150 malicious domains were identified.