Weekly Cyber Roundup: Mythos Breach, Plankey Exits, SilentGlass Debuts

April 26, 2026 00:01 · 6 min read

Tennessee Hacker Receives Probation for Supreme Court System Breaches

Nicholas Moore, a 25-year-old from Tennessee, was handed 12 months of probation after pleading guilty to a misdemeanor charge stemming from repeated unauthorized access to the U.S. Supreme Court's e-filing system. Prosecutors say Moore broke into the system on 25 separate occasions, and also accessed systems belonging to AmeriCorps and the Veterans Administration Health System using stolen credentials. Notably, Moore did not exploit his access for financial gain — instead, he posted screenshots of the compromised accounts apparently to gain notoriety online.

UK Military Deployed to Safeguard Undersea Communication Cables

The United Kingdom has mobilized military assets to protect critical undersea communications infrastructure against a perceived threat from Russian naval activity. Assets deployed include warships, support tankers, Merlin helicopters, and RAF P-8 maritime patrol aircraft. Tony O'Sullivan, CEO of RETN, offered a stark assessment of the evolving threat environment:

"Accidental damage is no longer the only threat, and operators and enterprises can no longer assume routes are safe and stable when assessing resilience. Rather, you have to engineer it into the network itself. Route diversity is a must to avoid creating single points of failure, as is ensuring visibility across international paths. Rather than trying to prevent disruption, we have to design networks to cope with it."

Lovable's Shifting Response to a BOLA Vulnerability

Vibe-coding startup Lovable — currently valued at $6.6 billion — attracted criticism over its handling of a Broken Object Level Authorization (BOLA) vulnerability that permitted any free account holder to read other users' source code, database credentials, and chat history. A security researcher reported the flaw through HackerOne 48 days before going public, but the report was closed without escalation because HackerOne initially concluded the exposure was intentional behavior.

Lovable's initial response characterized the issue as a deliberate design decision, only to reverse that position later, acknowledging that a February backend change had accidentally re-enabled access to public project chats — a setting the company had previously patched out.

Iran Claims US Exploited Firmware Backdoors to Disable Isfahan Infrastructure

Iranian state media reported that during an attack targeting the city of Isfahan, networking hardware from Cisco, Juniper, Fortinet, and MikroTik failed simultaneously — even though the equipment was reportedly disconnected from the global internet at the time. Local technical experts suspect the simultaneous failures were triggered by pre-installed firmware backdoors or supply chain compromises, potentially allowing for remote deactivation through satellite signals or internal network commands. The United States has not publicly confirmed or denied involvement.

Unauthorized Users Access Anthropic's Claude Mythos via Third-Party Portal

Anthropic's advanced AI model, Claude Mythos, was reportedly accessed by unauthorized individuals through a third-party vendor environment. According to Bloomberg News, someone without authorization discovered the interface, which provided testing access to Mythos' advanced capabilities. Following the discovery, Anthropic moved quickly to restrict access to the compromised portal. The incident highlights ongoing security challenges surrounding AI model testing infrastructure and vendor access management.

France Titres Data Breach Potentially Exposes Millions of Records

France Titres, the French government agency responsible for issuing passports and driver's licenses, confirmed a security breach affecting its ANTS portal. A threat actor is currently attempting to sell a database on hacking forums that reportedly contains approximately 19 million records, including names, birth dates, and unique account identifiers. The breach could affect a significant portion of the French population and raises serious concerns about the security of government-held identity data.

Sean Plankey Withdraws as CISA Director Nominee

Sean Plankey has officially withdrawn his nomination for the position of Director of the Cybersecurity and Infrastructure Security Agency (CISA), ending a prolonged confirmation stalemate in the U.S. Senate. His withdrawal leaves the nation's primary civilian cyber defense agency without a permanent leader at a particularly sensitive moment for national cybersecurity policy.

The White House will now need to identify and advance a new candidate capable of winning confirmation in a deeply divided Senate. In the interim, Nick Andersen continues to serve as Acting Director of CISA.

UK NCSC Launches SilentGlass Hardware Device to Block Display-Based Data Leakage

The UK's National Cyber Security Centre (NCSC) has developed and released a new plug-and-play hardware security device aimed at preventing sensitive data from being exfiltrated through high-resolution display connections. The device, named SilentGlass, is designed to sit between HDMI and DisplayPort connections and screens, actively blocking anything unexpected or malicious from passing through those links.

Initially tested within UK government organizations, SilentGlass is now available to anyone operating in high-threat environments. The device addresses a lesser-discussed but meaningful attack surface — the physical display link — that could otherwise be exploited to silently capture and transmit sensitive on-screen information.

Global Defense Agencies Warn of Chinese Botnet Targeting Critical Infrastructure

The FBI, CISA, and a coalition of international partners have jointly issued an advisory warning about a large-scale network of compromised small office/home office (SOHO) routers and IoT devices being orchestrated by China-linked threat actors. The advisory specifically calls out Volt Typhoon, a state-sponsored group that has leveraged this botnet infrastructure to target critical infrastructure sectors. The agencies included defensive recommendations to help organizations identify and protect against infiltration through compromised network edge devices.

Google Rolls Out New Security Controls for Chrome Enterprise and Android

Google has introduced an expanded set of security features across its Chrome Enterprise and Android platforms. Chrome Enterprise Premium now includes enhanced data loss prevention (DLP) capabilities along with controls designed to address risks posed by AI applications. On the mobile side, new protections block sensitive data downloads on unmanaged devices. The Google Admin console has also been updated to allow more granular policy enforcement across both browsers and devices, reducing the overall attack surface for enterprise deployments.


Source: SecurityWeek
