DataBreachToday.com

Smaller Cybersecurity Partners Get Opus 4.7 But Not Anthropic's Highest-Risk Model
Anthropic’s Project Glasswing gives CrowdStrike, Palo Alto Networks and Zscaler privileged access to Claude Mythos Preview, while smaller cybersecurity partners such as SentinelOne and TrendAI can only integrate with Anthropic's generally available Opus 4.7 model.

Cybercrime Gang Claims to Have 108-Gbyte Trove of Insurer's Files, Folders
Ransomware gang Everest Group claims to have stolen more than 108 gigabytes of data- including policyholder details - belonging to insurer Liberty Mutual. The cybercrime group began leaking the company's alleged data on Monday afternoon, saying the insurer "failed" to respond to the gang's demands.

Guidance Warns Autonomous Systems Expand Enterprise Exposure
Federal and Five Eyes cyber agencies warn that agentic AI systems - capable of autonomous action across enterprise environments - are introducing identity, visibility and control risks that could outpace existing defenses without continuous monitoring, zero trust enforcement and human oversight.

Cryptocurrency Exchange Traded A7A5 Token
Russian sanctions busters won't be too fazed by the collapse of a cryptocurrency platform that facilitated billions of dollars' worth of transactions and whose main attraction was a ruble-pegged stablecoin. Experts say transactions fueling Russia's shadow economy and its war machine will persist.

Solar Energy Spurt Comes Freighted With Chinese Nation-State Hacking Worries
The European Commission froze funding for solar energy projects that use crucial components from Chinese companies such as Huawei, due to cybersecurity fears. The decision affects projects being funded by the European Investment Bank and other partner banks.

Startup Acquisition Adds Centralized Policy Control Over Agent Communications
Palo Alto Networks plans to acquire Portkey to centralize AI agent communications through a gateway that enforces runtime security, identity controls and governance, addressing rising risks from autonomous agents with broad system access and fragmented enterprise visibility.

Zero Trust Is 'Essential' - But Who Pays for It?
New guidance from the U.S. Cybersecurity and Infrastructure Security Agency on adapting zero trust security principles for operational technology is fine as far as it goes, but is pretty high-level and ignores or fudges a couple of key questions, say executives and experts.

Also: Google’s $40B AI Bet, Insights From Google Next Conference
In this week's panel, four ISMG editors discussed North Korea's use of fake video meetings to fuel crypto fraud, Google's $40 billion investment in Anthropic and what it signals for the AI race, and key takeaways from Google Next in Las Vegas on enterprise AI adoption.

Flaw Finding Model Integrated into a Slew of Cybersecurity Platforms
Claude artificial intelligence maker Anthropic announced Thursday wider availability of a model it described as its second-most powerful model for finding and patching software flaws. Anthropic is making Claude Security available as a "public beta" for enterprise customers.

Combined Platform Spans Dependencies, Extensions, Developer Tools
Socket’s acquisition of Secure Annex extends software supply-chain security beyond open-source dependencies into browser and IDE extensions, addressing AI-driven development risks and fragmented visibility across modern developer workflows.

Bipartisan Deal Funds DHS Components After Record 75-Day Shutdown
The House passed a bipartisan bill funding the Department of Homeland Security, ending a 75-day shutdown that forced the Cybersecurity and Infrastructure Security Agency into a reactive posture and disrupted preventive cyber operations, even as workforce losses and proposed cuts threaten long-term resilience.

Tightening Budgets and AI-Enabled Attacks Stretch State Cyber Defenses
State CISO confidence has collapsed, with just 22% saying their data is protected from cyberthreats. The 2026 NASCIO-Deloitte study points to AI-enabled attacks, third-party vendor risk and the worst budget picture in years as states rethink how they defend public data.

Also, HexDex Arrest, Black Axe Crackdown, LeRobot RCE Flaw
This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation targets Tibet. Exploited ScreenConnect and Windows flaws raise alarms. Minecraft gamers hit with stealer malware. A critical AI framework bug enables remote code execution.