Researchers at the University of Toronto, in collaboration with the Vector Institute and the University of Cambridge, have published a proof‑of‑concept showing an AI-driven computer worm that adapts its tactics as it spreads. The prototype used an open‑weight large language model running on compromised machines to reason about each target, read public vulnerability advisories in real time and generate tailored exploits. Tests were conducted in an isolated 33‑host network (Linux, Windows and IoT devices) over 15 seven‑day runs; on average the agent identified about 31 vulnerabilities, achieved elevated access on roughly 23 hosts and propagated to about 20 hosts. The authors redacted operational details and disclosed findings to Canadian authorities before release. The worm hijacks infected devices’ compute (including GPUs) to run the model and can repurpose credentials and workarounds it finds, making single‑patch fixes insufficient. The team and outside experts warn the threat could grow as devices gain local inference capability and language models improve, and they urge coordinated responses including accelerated patching, AI‑assisted testing and cross‑sector collaboration.

Security researchers at McAfee Labs uncovered a large-scale Malware-as-a-Service operation dubbed “WeedHack” that has infected more than 116,000 systems since January 2026, adding roughly 2,000–3,000 new infections per day. The campaign relies on malicious JAR files (3,820 identified) and over 240 distribution URLs, spreading via YouTube videos, SEO-poisoned sites, Discord communities and file-hosting links that impersonate popular Minecraft mods and clients. WeedHack’s free tier functions as a comprehensive infostealer targeting Minecraft session IDs, credentials from 36 browsers, 56 browser-based crypto wallets and multiple platforms (Discord, Steam, Telegram). Paid tiers (about $4.99/month) unlock remote-access features including webcam capture, keylogging, screen and keyboard control, and file exfiltration. The platform uses an enterprise-style dashboard with leaderboards and a Telegram channel of ~850 members; McAfee says many customers appear to be teenagers who have used the tool for harassment and blackmail. Technical defenses include EtherHiding (C2 resolution via Ethereum), Windows Defender exclusion manipulation and persistence mechanisms that complicate removal. Reported infections are concentrated in the United States, Germany, India, the UK and other countries. McAfee urges users to avoid unofficial mods, enable MFA and run updated antivirus scans.

Anthropic announced on June 2–3, 2026 that it is widening access to its powerful cybersecurity model Claude Mythos via Project Glasswing, increasing partners from roughly 50 to about 200 organisations. Access is limited to organisations that meet security requirements and includes government bodies, utilities and vendors across more than 15 countries. Anthropic says partners in the expanded cohort operate in sectors such as power, water, healthcare, communications and hardware, and that previous Glasswing testing has surfaced more than 10,000 high- or critical-severity software flaws. The company estimates a successful attack on many partner codebases could affect more than 100 million people. Anthropic has withheld Mythos from general release, saying its dual-use capabilities pose misuse risks, and warned rival firms could produce comparable models within six to 12 months. The expansion follows Anthropic’s confidential IPO filing and comes amid industry and government talks about disclosures, guardrails and responsibility for patching vulnerabilities fast enough to stay ahead of attackers.

Google this week began rolling out a new fake call detection feature for Android designed to block AI-powered impersonation scams. Announced June 2–3, 2026, the protection will arrive globally this month in Phone by Google on devices running Android 12 and later, starting with Pixel phones. The feature works by sending an end-to-end encrypted RCS ‘silent confirmation’ from the caller’s device to the recipient’s handset; if that hardware-bound signal is missing, the recipient’s phone will ping the contact’s device and display a warning advising the user to hang up. The check runs by default in the background and does not analyse call audio. Google built the system on the Rich Communication Services standard so other apps and manufacturers can adopt it. The rollout is part of a wider June Android update that also includes Google Photos’ virtual wardrobe, Circle to Search improvements and expanded cross-platform file sharing. Google and several security outlets cited rising losses from AI voice-cloning impersonation scams as the impetus for the feature.

Atlas Menu, a paid cheat and mod-menu service for Grand Theft Auto V (and reportedly Counter-Strike 2), was breached in May 2026 and publicly reported in early June. Data-breach tracker Have I Been Pwned added the leak after an attacker posted an archive to GitHub, with the exposed records numbering roughly 63,900–64,000 accounts. Stolen fields include email addresses, usernames, IP addresses, support tickets and passwords stored as bcrypt hashes. The attacker said the compromise was retaliation against an alleged scammer. Atlas Menu’s website and storefront were offline at the time of reporting and the service has not issued a public statement. The incident highlights recurring security issues around third‑party gaming cheat operators, whose infrastructure and customer data often lack accountability and professional safeguards.

Security researchers and vendors have confirmed active exploitation of a PAN-OS authentication‑bypass vulnerability (CVE-2026-0257) that enables attackers to establish unauthorized GlobalProtect VPN sessions. Palo Alto Networks initially disclosed the flaw on May 13 and assigned patches and mitigations; Rapid7 observed exploitation beginning May 17 with a second wave May 21. The U.S. Cybersecurity and Infrastructure Security Agency added the defect to its Known Exploited Vulnerabilities catalog on May 29, directing federal agencies to remediate by June 1. The issue can be abused by forging an authentication override cookie when certain certificate configurations are reused, a configuration present in some GlobalProtect portal/gateway deployments. NVD/CVSS ratings were escalated after in‑the‑wild activity, with public scoring reported up to 9.1. Palo Alto has issued updated advisories and patches for multiple PAN‑OS and Prisma Access releases; vendors and researchers urge immediate patching, disabling authentication override cookies where feasible, and review of VPN logs and exposed devices. While many observed intrusions did not show lateral movement, the vulnerability’s ability to grant legitimate‑looking VPN access makes detection and post‑compromise containment challenging.

Security researchers in Austria this week disclosed a new no‑interaction web attack called FROST (fingerprinting remotely using OPFS‑based SSD timing) that can let a malicious webpage infer which other sites and applications a visitor has open. The technique abuses the browser feature Origin Private File System (OPFS) to create a very large file on a visitor’s solid‑state drive and then measures tiny SSD I/O latency variations caused by other activity. Traces are fed to a pretrained convolutional neural network to classify open websites and running apps. In lab tests the team reported about 88.9% accuracy for website identification and roughly 95.8% for detecting applications on an Apple M2 Mac; the SSD timing primitive also worked on Linux though the full attack was not executed there, and Windows was not tested. FROST runs entirely in the browser and can profile activity across different browsers on the same machine. Researchers say the attack is detectable (it requires multi‑gigabyte OPFS files) and only works while the malicious tab remains open. The paper is scheduled for presentation at DIMVA in July 2026 and browser vendors have been notified; there are no confirmed in‑the‑wild incidents.

India’s Central Board of Secondary Education (CBSE) acknowledged on May 31, 2026, that security vulnerabilities were detected in its On-Screen Marking (OSM) portal used for Class 12 evaluation. The board said an expert team drawn from government agencies and Indian Institutes of Technology is working to reinforce the platform, that identified flaws have been contained, and that the portal is being migrated to a more secure environment. The acknowledgement follows disclosures by ethical hackers and researchers, including a detailed blog published May 30 documenting critical flaws allegedly found on Feb. 25 and reported to CERT-In. The researcher described a hardcoded master password, client-side OTP validation and missing route guards that could enable account takeover and tampering with marks. Separate reporting flagged possible procurement and tendering concerns after a student analysis and claims that answer sheets/question papers in an AWS bucket were publicly accessible. CBSE said it has contacted some researchers, thanked those who flagged issues, and invited further responsible disclosure to its security team.

California Attorney General Rob Bonta sued Chrome Holding Co. (formerly 23andMe) on May 28, 2026 in San Francisco Superior Court, alleging the company failed to protect sensitive customer genetic and personal data in a prolonged 2023 breach. Prosecutors say the attack began in April 2023, lasted about five months and ultimately exposed information tied to roughly 6.9–7 million U.S. customers, including about 856,000 Californians. The complaint accuses the company of ignoring warning signs, downplaying the severity of the incident and failing to guard against a credential-stuffing attack that initially accessed about 14,000 accounts and then exploited a vulnerability to harvest wider datasets—raw genetic data, health reports, DNA-relatives information, ancestry and birth-year/location details. Bonta is seeking civil penalties under California’s Genetic Information Privacy Act and consumer protection laws. The lawsuit adds to litigation and regulatory fallout following 23andMe’s March 2025 Chapter 11 filing, a federal settlement fund of $30–50 million for U.S. claimants, a £2.31 million UK ICO fine, and last year’s asset purchase by a nonprofit tied to co-founder Anne Wojcicki for $305 million.

Researchers from Graz University of Technology have demonstrated a new browser-based side-channel attack, dubbed FROST (Fingerprinting Remotely using OPFS-based SSD Timing), that can infer which websites and desktop apps are active by observing tiny timing fluctuations on a machine's SSD. The method runs as JavaScript on a webpage and leverages the Origin Private File System (OPFS) to create and repeatedly read a large local file; contention on the SSD produces measurable latency shifts that a trained convolutional neural network can map to specific sites or apps. In lab tests—including a full demonstration on an Apple M2 system—the team reported classification performance near 89% for visited websites and about 96% for certain macOS apps (F1 scores ~88.95% and ~95.83%). The attack works across different browsers and does not require downloads, permissions or elevated privileges, though it needs the malicious tab to remain open and a large OPFS file that may be noticeable. The researchers disclosed findings to Google, Apple and Mozilla; vendors have not committed to immediate fixes. The study is scheduled for presentation at DIMVA in July 2026. No evidence of FROST in the wild has been reported so far.

The UK’s signals intelligence agency, GCHQ, announced plans to build an AI-powered national cyber shield designed to detect and respond to threats across critical national infrastructure, airlines, telecoms and major companies. Director Anne Keast-Butler said the agency has developed a blueprint to hardwire agentic AI into machine-speed cyber defence and aims to have the capability operational within five years. The system would use autonomous AI agents to identify and repair vulnerabilities in energy, water, healthcare, transport and financial services, and to speed foreign-language translation and data analysis. Keast-Butler framed the programme as a response to intensified hybrid operations from Russia and China’s emergence as a tech superpower, warning that frontier AI can both reveal thousands of software vulnerabilities and be used offensively. The Cabinet Office has invited leading AI firms to collaborate and GCHQ stresses responsible, ethical integration and sovereign IT management. Officials cited recent high-cost incidents such as the Jaguar Land Rover outage and urged businesses to adopt quantum-resistant encryption as quantum computing looms.

IBM and its Red Hat unit on May 28 unveiled Project Lightwell, a $5 billion initiative that combines AI tools and a global force of roughly 20,000 engineers to identify, validate and deploy fixes for vulnerabilities in open-source software used by enterprises. Described as an “enterprise clearinghouse,” the service will let firms confidentially report security flaws, receive tested patches backported to exact dependency versions and integrate those fixes into existing software supply chains. IBM said it piloted the model with major financial institutions including Bank of America, JPMorgan Chase, Goldman Sachs, Visa and Mastercard and expects to launch Project Lightwell as a commercial subscription within about 30 days. Initial technical focus will include Java/Maven with plans to expand to PyPI, npm and Go. IBM positions the effort as a response to acceleration in AI-driven vulnerability discovery — citing recent projects that surfaced thousands of high‑severity flaws — and says the clearinghouse will also coordinate upstream disclosure so fixes reach open-source communities.

The FBI on May 28, 2026 issued an alert warning U.S.-based law firms and other companies that the Silent Ransom Group (SRG) — also tracked as Luna Moth, Chatty Spider and UNC3753 — is increasingly using in-person impersonation alongside phishing and vishing to steal data for extortion. Active since 2022 after the collapse of Conti, researchers say the closed group has claimed responsibility for more than 100 attacks and its activity surged in recent months. SRG typically begins with phone or phishing calls posing as IT support to obtain remote access; if that fails, actors have been sent to victim workplaces to plug in storage devices or otherwise gain physical access and exfiltrate files. Unlike some ransomware crews, SRG often does not encrypt systems but operates a data-leak site to pressure victims. The FBI urged firms to strengthen identity verification, physical access controls, employee training, logging and reporting procedures, and to contact local FBI field offices or the IC3 with information.

Carnival Corporation & plc disclosed on May 27-28, 2026 that a cybersecurity incident detected on April 14, 2026 compromised an employee (or third‑party) account via social engineering, allowing an unauthorized actor to access and copy customer files. In a breach notice filed with Maine authorities the company said 5,995,277 people were impacted; outside researchers and the ShinyHunters hacking group have claimed larger exfiltrations (up to 8.7 million records). Exposed data may include names, contact details, dates of birth, loyalty programme information and government‑issued ID numbers such as passports and driver’s licences; some reports say Social Security numbers may be involved in individualized notifications. Carnival said it blocked the unauthorized activity, engaged third‑party forensic experts, began notifying affected individuals from May 27 and is offering eligible U.S. customers two years of free credit monitoring through TransUnion. The company said it has strengthened monitoring and security controls and urged those notified to watch accounts and report suspected identity theft.

A third‑party site known as “UK Visa Portal” exposed thousands of passport scans, selfie photos and other visa application data — an exposure TechCrunch says totaled at least 100,000 documents. The data was stored in a misconfigured Amazon cloud repository that allowed direct access to files and, in some images, embedded location metadata precise enough to reveal home addresses. The site is not affiliated with the UK government and reportedly mimicked the official GOV.UK service; some users say they paid the company by mistake. TechCrunch alerted the operator and the storage was secured hours after publication, but the company’s management did not respond publicly and instead sent lawyers and a PR firm to the reporter. It remains unclear whether affected individuals or regulators have been notified. Security outlets warn exposed passports and biometric photos heighten risks of identity theft and fraud and advise affected users to monitor accounts, enable multi‑factor authentication and use official government channels for visa applications.

India has begun testing sensitive public-facing financial and government software against Anthropic’s next‑generation AI model, Mythos, officials said on May 27, 2026. Major domestic IT firms including Infosys and Tata Consultancy Services are running vulnerability assessments in secure environments — Infosys is examining and patching its widely used Finacle banking software — while state cyber agency CERT‑In is testing Aadhaar-related systems and government login platforms. Companies are also using Anthropic’s Claude Opus 4.7 to help identify and remediate flaws. New Delhi is seeking controlled access to Mythos, preferably on Indian soil, and has engaged the US on the matter through the Ministry of External Affairs; Anthropic has said decisions on sharing are for the US government. India’s central bank has briefed banks and Finance Minister Nirmala Sitharaman has urged heightened vigilance. The move reflects broader global concern over Mythos’s ability to surface software vulnerabilities quickly and the potential dual-use risks of powerful AI tools.

LONDON, May 27 (Reuters) - Britain’s signals intelligence boss Anne Keast-Butler warned in an inaugural GCHQ lecture at Bletchley Park that the UK and its allies face a “moment of consequence” as adversaries ramp up hybrid activity and advances in artificial intelligence reshape conflict. Keast-Butler said Russia is “scaling up its daily hybrid activity” against the UK and Europe, targeting critical infrastructure, democratic processes, supply chains and public trust, and accused hostile states of increasing espionage and cyberattacks. She described AI as an “unstoppable force” with offensive and defensive ramifications and said GCHQ has drawn up a blueprint for a national AI-driven cyber defence — a machine-speed, agentic system to protect infrastructure and businesses — aiming to deploy capabilities over the coming years. Keast-Butler urged a nationwide push to make cybersecurity “10 times more urgent,” called for deeper public-private cooperation, stronger supply-chain protections, and closer international partnerships as China narrows the technological gap and threats intensify.