Industry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access.
The post Industry Reactions to Claude Fable 5: Feedback Friday appeared first on SecurityWeek.
Iranian Cyber Group Handala Claims Cal Water Hack
The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform.
The post Iranian Cyber Group Handala Claims Cal Water Hack appeared first on SecurityWeek.
Ivanti Sentry Exploitation Attempts Hitting Honeypots
The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges.
The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek.
Chrome 149 Update Patches 28 Vulnerabilities
The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs.
The post Chrome 149 Update Patches 28 Vulnerabilities appeared first on SecurityWeek.
Anthropic Disputes Fable 5 AI Jailbreak
An AI hacker claims to have achieved a prompt-based jailbreak shortly after Fable 5’s launch, but Anthropic says it’s not a real jailbreak.
The post Anthropic Disputes Fable 5 AI Jailbreak appeared first on SecurityWeek.
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.
The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek.
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks.
The post Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks appeared first on SecurityWeek.
Alert Fatigue Is Becoming a Security Threat of Its Own
As alert volumes outpace human capacity, organizations are turning to AI, automation, and deeper context to separate real threats from the noise.
The post Alert Fatigue Is Becoming a Security Threat of Its Own appeared first on SecurityWeek.
CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries.
The post CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk appeared first on SecurityWeek.
OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month
Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques.
The post OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month appeared first on SecurityWeek.
