Goto

Collaborating Authors

 Cyberwarfare


Bank of England handed powers to regulate key tech firms including Amazon and Google

The Guardian

The BoE and City regulator the Financial Conduct Authority will aim to ensure the four main providers of cloud and tech services to banks are resilient and actively reducing the risk of cyber attack. The BoE and City regulator the Financial Conduct Authority will aim to ensure the four main providers of cloud and tech services to banks are resilient and actively reducing the risk of cyber attack. Direct oversight of'critical third parties' such as Oracle and Microsoft given to ensure resilient cyber-defences and help safeguard UK economy The Bank of England has been handed powers to regulate important tech firms including Amazon and Google from next week, amid fears that system failures could threaten financial stability and harm consumers. From Monday, the Bank and fellow City regulator the Financial Conduct Authority (FCA) will be in charge of ensuring that four large-scale providers of cloud and tech services to banks are resilient and actively reducing the risk of cyber-attacks and major outages that could disrupt services for millions of people and businesses across the UK. This will mean having "direct" oversight of local arms of Amazon Web Services, Google Cloud, Oracle and Microsoft, all of which have been identified as "critical third parties" by the UK government, according to an announcement on Friday.


18-year-old man arrested over 2025 cyberattack on internet cafe operator

The Japan Times

An 18-year-old man has been arrested for his suspected involvement in a cyberattack on an internet cafe operator. An 18-year-old man has been arrested for his suspected involvement in a cyberattack on the operator of the Kaikatsu Club internet cafe chain, according to investigative sources. On Wednesday, the Metropolitan Police Department's cybercrime countermeasure division arrested the company employee from Tokyo's Katsushika Ward, who was in the second year of high school at the time of the incident, on suspicion of fraudulent obstruction of business and violation of the law against unauthorized computer access. He has denied parts of the allegations, the sources said. In the cyberattack on the internet cafe chain operator Kaikatsu Frontier, a computer program that a high school boy from the city of Osaka developed using ChatGPT was used.


Finance Minister Katayama says G7 will discuss AI defense standards

The Japan Times

Finance Minister Satsuki Katayama speaks during an interview on Monday. The Group of Seven nations will discuss standards on artificial intelligence security and defense, Finance Minister Satsuki Katayama has said. Speaking in a recent interview, Katayama said that financial institutions "need to decide the order of priority for fixing their systems," in order to prepare for the possibility of advanced AI models detecting a large number of vulnerabilities in their systems. She added that the G7 nations, which include Japan, will discuss related criteria and work together to tackle cyberattacks. State-of-the-art AI models, such as Claude Mythos, developed by U.S. startup Anthropic, are believed to be highly proficient in identifying system vulnerabilities. Katayama has been negotiating with the United States to ensure that major financial institutions in Japan have access to these technologies.


Anthropic gets US government's permission to redeploy its Mythos cybersecurity AI model

Engadget

Anthropic gets US government's permission to redeploy its Mythos cybersecurity AI model Anthropic gets US government's permission to redeploy its Mythos cybersecurity AI model It suspended all access to Mythos and Fable after an order from the US government. The US government has given Anthropic permission to redeploy Mythos 5 to a set of US organizations that operate and defend critical infrastructure, the company has announced on X. While Anthropic didn't say how many organizations will see their access restored, Semafor has reported that the company has gotten permission to redeploy its strongest cybersecurity model to more than 100 institutions in the US, including major corporations and government agencies. Anthropic said that it's redeploying Mythos 5 quickly and continuing to work with the government to expand access even further. It's also in talks with the government make Fable 5 available for use again, but it didn't give a timeline for it.


BountyBench: Dollar Impact of AIAgent Attackers and Defenders on Real-World Cybersecurity Systems

Neural Information Processing Systems

AI agents have the potential to significantly alter the cybersecurity landscape. Here, we introduce the first framework to capture offensive and defensive cybercapabilities in evolving real-world systems. Instantiating this framework with BountyBench, we set up 25 systems with complex, real-world codebases. To capture the vulnerability lifecycle, we define three task types: Detect (detecting a new vulnerability), Exploit (exploiting a specific vulnerability), and Patch (patching a specific vulnerability). For Detect, we construct a new success indicator, which is general across vulnerability types and provides localized evaluation. We manually set up the environment for each system, including installing packages, setting up server(s), and hydrating database(s). We add 40 bug bounties, which are vulnerabilities with monetary awards of $10-$30,485, covering 9 of the OWASP Top 10 Risks. To modulate task difficulty, we devise a new strategy based on information to guide detection, interpolating from identifying a zero day to exploiting a specific vulnerability. We evaluate 10 agents: Claude Code, OpenAI Codex CLI with o3-high and o4-mini, and custom agents with o3-high, GPT-4.1,


Five Eyes intelligence alliance warns of threats from new AI models

Al Jazeera

Cutting-edge artificial intelligence technology is poised to supercharge offensive hacking capabilities, and urgent action is needed to face up to the threat, US, UK, Canadian, Australian and New Zealand officials have said. "Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities," the intelligence alliance commonly known as the Five Eyes said in a three-page statement on Monday. The statement was light on detail and mostly restated core cybersecurity advice, such as swiftly patching faulty software and not putting systems online unless necessary. The officials also urged defenders to use AI "to strengthen defence", for example by identifying weaknesses sooner or responding more quickly to incidents. The warning was another indication of officials' increasing concerns over models such as Anthropic's Mythos or OpenAI's GPT-5.5-Cyber, which are said to allow users to quickly execute complex - and potentially devastating - hacks.


GASP: Efficient Black-Box Generation of Adversarial Suffixes for Jailbreaking LLMs

Neural Information Processing Systems

LLMs have shown impressive capabilities across various natural language processing tasks, yet remain vulnerable to input prompts, known as jailbreak attacks, carefully designed to bypass safety guardrails and elicit harmful responses. Traditional methods rely on manual heuristics but suffer from limited generalizability. Despite being automatic, optimization-based attacks often produce unnatural prompts that can be easily detected by safety filters or require high computational costs due to discrete token optimization. In this paper, we introduce Generative Adversarial Suffix Prompter (GASP), a novel automated framework that can efficiently generate human-readable jailbreak prompts in a fully black-box setting. In particular, GASP leverages latent Bayesian optimization to craft adversarial suffixes by efficiently exploring continuous latent embedding spaces, gradually optimizing the suffix prompter to improve attack efficacy while balancing prompt coherence via a targeted iterative refinement procedure. Through comprehensive experiments, we show that GASP can produce natural adversarial prompts, significantly improving jailbreak success over baselines, reducing training times, and accelerating inference speed, thus making it an efficient and scalable solution for red-teaming LLMs. Warning: This paper contains text and examples that may be considered offensive or harmful.


Three things to watch amid Anthropic's latest feud with the government

MIT Technology Review

Three things to watch amid Anthropic's latest feud with the government Anthropic's standoff with Washington has already raised new questions about AI safety and sovereignty--and about Chinese competition. For those of you enjoying your summer unaware of Anthropic's latest feud with the US government, here's a recap: In April the company said it had built an AI model called Mythos that was so good at working with code it could pose a global cybersecurity threat. Anthropic gave access to a small group of cybersecurity experts so they could see what they were up against. Then it released a modified version called Fable which it said was safer to the public on Tuesday, June 9. That Friday, the federal government told the company it was a threat to national security and placed export controls on the new release. Anthropic revoked access to both models hours later.


AI models that can take down governments and business months away, rare Five Eyes statement warns

The Guardian

Cybersecurity agencies from the Five Eyes alliance have issued a joint statement on AI after the US blocked Anthropic's much-hyped Fable. Cybersecurity agencies from the Five Eyes alliance have issued a joint statement on AI after the US blocked Anthropic's much-hyped Fable. Signal agencies in Australia, the US, the UK, New Zealand and Canada sound alarm after Trump blocks foreign nationals from Anthropic's Fable AI model Powerful AI models capable of devastating new cyber attacks on governments and businesses are mere months away, intelligence agencies for the Five Eyes have warned in a rare joint statement, urging leaders to "act now". The surprising public intervention by signals agencies for Australia, the US, the UK, New Zealand and Canada comes after the Trump administration earlier this month decided to block "foreign nationals" from using a much-hyped AI model built by tech company Anthropic, called Fable. The statement, issued late on Monday night, Sydney time, said while AI "would help us improve cyber defence over time, it also accelerates the speed, scale, and sophistication of cyber threats".