 Cyberwarfare



CLEAR: Command Level Annotated Dataset for Ransomware Detection

Neural Information Processing Systems

Over the last decade, ransomware detection has become a central topic in cybersecurity research. Due to ransomware's direct interaction with storage devices, analyzing I/O streams has become an effective detection method and represents a vital area of focus for research. A major challenge in this field is the lack of publicly accessible data featuring individual command labeling. To address this problem, we introduce the Command LEvel Annotated Ransomware (CLEAR) dataset, a large-scale collection of storage devices' stream data. The dataset comprises 1,045 TiB of I/O traffic data, featuring malicious traffic from 137 ransomware variants.


Dynamic Risk Assessments for Offensive Cybersecurity Agents

Neural Information Processing Systems

Foundation models are increasingly becoming better autonomous programmers, raising the prospect that they could also automate dangerous offensive cyber-operations. Current frontier model audits probe the cybersecurity risks of such agents, but most fail to account for the degrees of freedom available to adversaries in the real world. In particular, with strong verifiers and financial incentives, agents for offensive cybersecurity are amenable to iterative improvement by would-be adversaries. We argue that assessments should take into account an expanded threat model in the context of cybersecurity, emphasizing the varying degrees of freedom that an adversary may possess in stateful and non-stateful environments within a fixed compute budget. We show that even with a relatively small compute budget (8 H100 GPU hours in our study), adversaries can improve an agent's cybersecurity capability on InterCode CTF by more than 40% relative to the baseline--without any external assistance. These results highlight the need to evaluate agents' cybersecurity risk in a dynamic manner, painting a more representative picture of risk.


Assume You Will Be Hacked

The Atlantic - Technology

AI is enabling a deluge of cyberattacks the likes of which we've never seen before. Late last month, I began to consider withdrawing some money from my savings account to buy gold. It's the first time I've ever thought about panic-buying. For all of the firewalls and two-factor-authentication codes, the safety of the internet is starting to falter. Hackers are gaining the upper hand over organizations around the world--hospitals, energy grids, government agencies, and, yes, banks.


CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats

WIRED

"Defenders cannot afford to take weeks to patch," one Cybersecurity and Infrastructure Security Agency official warned on Wednesday. With new generations of AI models fueling both rapid software vulnerability discovery and the potential for faster exploitation by malicious hackers, the United States Cybersecurity and Infrastructure Security Agency released a new directive on Wednesday that requires more rapid and efficient software patching by federal civilian agencies. The "binding operational directive" (BOD) lays out a rubric for how quickly bugs must be fixed based on four assessments of urgency, with a turnaround time in critical cases of just three days. Chris Butera, CISA's acting executive assistant director for cybersecurity, told reporters on Wednesday that the goal of the directive is to help agencies prioritize, so they can address the most problematic vulnerabilities first while taking more time to remediate bugs that pose a less-pressing risk. The directive comes as private companies and governments have been scrambling to assess the extent of the cybersecurity reckoning that AI vulnerability and exploit development capabilities could unleash.


Anthropic Offers Mythos Upgrade for Cyber Partners and a 'Safe' Version for the Rest of You

WIRED

Anthropic is releasing Claude Mythos 5 to trusted organizations and Claude Fable 5 to the public, a version it says can't be used for cyberattacks. Anthropic released two new AI models called Claude Fable 5 and Claude Mythos 5 on Tuesday, which the company says have greater capabilities than the Mythos Preview model it released in April to a limited set of tech industry partners. Anthropic has said the initial, limited release stemmed from concerns that the model's capabilities could be exploited by bad actors to develop hacking tools that could catch defenders off guard. Anthropic is currently only releasing Claude Mythos 5 to a limited set of industry partners, many of which received access to Mythos Preview, and the company says it is collaborating with the US government on the rollout. Claude Fable 5, which is being publicly released, uses the same underlying model as Mythos 5, but will have "guardrails" in place at launch, the company said Tuesday, that will block the model from answering many user questions related to cybersecurity, biology, and chemistry.


The Meta hack shows there's more to AI security than Mythos

MIT Technology Review

On June 5, reported that attackers had been using Meta's AI customer support agent to steal Instagram accounts. Their approach was simple: They asked the agent to link the accounts to email addresses that they controlled, and the agent complied. One attacker broke into the dormant Obama White House account and made pro-Iran posts; others took over accounts with valuable, single-word handles, possibly in order to sell them. AI cybersecurity concerns are nothing new. Since Anthropic announced in April that its Mythos model was too good at hacking to be released to the general public, commentators, researchers, and federal officials alike have fixated on the idea that superpowered AI systems could lay waste to our computer infrastructure. That's not quite what this Instagram hack was: There, AI was the target rather than the attacker, and the method was far simpler than anything Mythos would cook up. But as companies offload more work to AI, these comparatively unsophisticated attacks could wreak their own havoc. "As AI becomes more and more widely used--especially when AI is more and more widely used to automate our work flows, like account recovery--I think attackers are going to be more and more motivated to attack AI itself," says Neil Gong, a professor of electrical and computer engineering at Duke University.


Government urges transport firms to guard against AI misuse

The Japan Times

The transport ministry urged executives of infrastructure operators to play active roles in taking measures against cyberattacks and secure sufficient funding and personnel. The transport ministry called on railway firms and other infrastructure operators Thursday to take measures against the misuse of high-performance artificial intelligence models, including U.S. startup Anthropic's Claude Mythos. The instructions were made at a meeting with operators from six infrastructure sectors, also including ports, airports, logistics and water supply. The ministry said that it will set up support desks for those operators regarding cybersecurity. Mythos is said to have advanced capabilities in detecting system vulnerabilities. The Japanese government has already made similar requests to telecommunications operators, broadcasters, financial institutions and local governments.


Anthropic says Mythos has already found more than 10,000 vulnerabilities

Engadget

The company has published an update about Project Glasswing, a month after its launch. Anthropic has published an initial report for Project Glasswing, the cybersecurity initiative it launched in April that aims to prevent AI cyberattacks with, well, AI. The initiative is powered by Claude Mythos Preview, the company's unreleased model, which Anthropic says has already helped its partners find more than ten thousand vulnerabilities overall just a month after Glasswing's launch. In addition, it says most of its partners have each found hundreds of critical- or high-severity vulnerabilities in their software using the model. The company said that its partners' rate of bug-finding has increased by more than a factor of ten.


Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording

WIRED

Plus: Instructure's Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more. The worst part of your iPhone getting stolen may not be the theft itself. Instead, it's the phishing attacks waged against people in your contacts. New research this week shows that there's a thriving ecosystem for tools that let criminals unlock iPhones and target the phone numbers they find inside. Foxconn, the electronics manufacturing giant known for its role in building iPhones, revealed this week that it recently "suffered a cyberattack."