Threat Intelligence

When AI Ethics Meet Pentagon Contracts: Why Anthropic Just Got Blacklisted

You know that awkward moment when your principles clash with a major customer’s demands? Well, Anthropic just lived through the enterprise version of that scenario, and it ended with the Pentagon officially designating them as a “supply chain risk.”

Here’s what went down: After months of negotiations, Defense Secretary Pete Hegseth pulled the plug on talks with Anthropic because the AI company refused to budge on two specific use cases for their Claude model. According to Anthropic’s statement, they drew hard lines against “mass domestic surveillance of Americans and fully autonomous weapons.”

When Government Agencies Become the Weakest Link: A $4.8M Lesson in Operational Security

We’ve all seen those security awareness posters about not leaving passwords on sticky notes, but what happens when a government tax agency accidentally publishes a cryptocurrency wallet’s recovery phrase in an official press release? Well, we just got our answer: hackers walked away with $4.8 million in about the time it takes most of us to grab lunch.

Browser Extensions and AI Agents Under Fire: This Week’s Security Wake-Up Calls

Hey everyone – Michael here with what’s been a particularly eye-opening week in security. If you’ve been following the news, you’ve probably noticed some concerning patterns emerging around browser extensions and AI tooling. Let me walk you through what happened and why it matters for all of us defending networks.

The QuickLens Extension Compromise: A Classic Supply Chain Attack

The biggest story this week involves a Chrome extension called “QuickLens - Search Screen with Google Lens” that got completely compromised. BleepingComputer reported that attackers managed to push malware through this extension to steal cryptocurrency from thousands of users.

When Job Hunting Becomes a Security Risk: North Korea’s Latest Trick and Other Threats Worth Watching

I’ve been tracking some interesting developments this week that really highlight how attackers keep finding creative ways to exploit our blind spots. The most eye-catching story? North Korean hackers are now posing as tech recruiters and using coding challenges to install malware on developers’ machines.

The Fake Recruiter Problem

Here’s how it works: You’re a programmer looking for your next opportunity, and you get what looks like a legitimate recruiting email. They want you to complete a coding challenge – perfectly normal in our industry. But when you run their “test code,” you’re actually executing malware that gives them remote access to your system.

RESURGE Malware Highlights the Growing Problem of Dormant Threats

There’s something unsettling about malware that can lie dormant on your network for months, waiting for the right moment to activate. This week’s security news brings us face-to-face with exactly that scenario, along with some interesting developments in AI security and a stark reminder about the fragility of internet freedom.

The RESURGE Wake-Up Call

CISA’s latest warning about RESURGE malware should make anyone running Ivanti Connect Secure devices take a hard look at their environment. What makes this particularly concerning isn’t just that attackers exploited CVE-2025-0282 in zero-day attacks – it’s that the malicious implant can remain completely silent on compromised devices.

Europol Dismantles Child-Targeting Cybercrime Ring as Supply Chain Attacks Hit Developer Tools

The cybersecurity community got some rare good news this week with Europol’s successful takedown of “The Com,” a cybercrime collective that specifically targeted children and teenagers. But while law enforcement was scoring wins, attackers were busy poisoning developer tools and exploiting our ongoing transparency problems around data breaches.

Major Win Against Child-Targeting Criminals

Let’s start with the positive development. Europol’s “Project Compass” wrapped up a year-long investigation that resulted in 30 arrests and identified 179 suspects connected to The Com cybercrime collective. What makes this particularly significant isn’t just the scale – it’s that this group specifically targeted minors.

APT37’s Air-Gap Breakthrough and Why Your Event Security Strategy Needs an Upgrade

I’ve been tracking some concerning developments this week that really highlight how our threat models need to evolve. North Korean APT37 has broken new ground with air-gapped network compromises, while major events are facing wireless and drone threats that most security teams aren’t prepared for. Let me walk you through what’s happening and why it matters for all of us.

When Football Clubs Meet Hackers: Why Sports Organizations Are Prime Targets

You know, I’ve been watching the cybersecurity space for years, but the Olympique Marseille breach this week really drives home something we’ve been seeing more of lately – sports organizations are becoming serious targets for cybercriminals.

The French football club confirmed they suffered what they’re calling an “attempted” cyberattack after threat actors started bragging about breaching their systems earlier this month. Now, I find it interesting they’re using the word “attempted” when there’s already evidence of a data leak. It’s that classic damage control language we see from organizations trying to minimize the impact while they’re still figuring out the full scope.

When Criminals Become Victims: The Week Ransomware Gangs Got a Taste of Their Own Medicine

You know it’s been an interesting week in cybersecurity when the most satisfying story involves a Russian ransomware gang getting blackmailed by a fake FSB officer. But before we dive into that delicious irony, let’s talk about the more serious threats that crossed our desks this week – because while schadenfreude is fun, the reality is that attackers are getting more sophisticated across every front.

The Cisco Zero-Day That Hid for Three Years Shows Why We Need to Rethink Detection

I’ll be honest – when I saw the news about CVE-2026-20127, the maximum-severity Cisco SD-WAN vulnerability that went undetected for three years, my first thought wasn’t about the technical details. It was about all those security assessments where we confidently told clients their networks were secure.

This story, along with some other developments this week, really drives home how attackers are getting better at staying invisible while we’re still playing catch-up with detection.