CybelAngel

Missed what went on in the cybersphere last week? Here are the main stories, including how Google’s Android Intrusion Logging will affect CISOs in one easy digest!

Today Anthropic is set to brief global financial watchdog, the Financial Stability Board, on the on much discussed cyber flaws exposed by Mythos, its new AI model. Read more via the Financial Times.

Mistral AI n'était pas la cible, et pourtant, son SDK officiel s'est retrouvé compromis le 11 mai. Le ver Mini Shai-Hulud, parti d'une faille chez TanStack, a republié automatiquement des versions vérolées de @mistralai/* sur npm et PyPI via la machine d'un développeur. Première fois qu'on voit des paquets npm malveillants avec une attestation SLSA valide : la provenance cryptographique reste nécessaire, elle a cessé d'être suffisante.

The BBC reports that, ‘…an increasing number of cyber attackers are now going further in their efforts to extort their victims - and threatening actual violence. The number of such physical threats rose more than twofold last year in the US.’ Read more on this disturbing new trend.

Ukraine absorbed 1,651 cyber incidents in the last twelve months and Russia took 575, a 3-to-1 imbalance that reflects two completely different doctrines running in parallel: pro-Russian operations are 84% DDoS, concentrated in a single actor and timed to political events, while pro-Ukrainian operations are distributed across a wider set of groups operating on a hack-and-leak model. Our Cyber Operations team have analysed four years of the data. Read their freely accessible report on the conflict so far: https://lnkd.in/e-Rh8kUZ

Are you uneasy about what Claude Mythos can already do in the wild? Well for one it completed a 32-step corporate network attack simulation and was used against critical infrastructure, all before it was publicly released. We broke down what it means for your security team: https://lnkd.in/eNqSzU7q

Here are some of the boldest cyber stories that you may have missed last week in the cybersphere: https://bit.ly/4dFN2T9

„Wir haben nicht zu wenig Threat Intelligence – wir haben zu wenig Klarheit." Am 19. Mai zeigen Inès Zaibet, Zoé D. und Daniel Holzinger, was „Zero False Positives" im SOC-Alltag wirklich bedeutet. 19. Mai 2026, 09:05 CEST, online, kostenlos – Anmeldung in den Kommentaren.

Wondering what does a compliant and effective response looks like when it comes to OTP bot attacks? Our specific financial services guide is now live: https://bit.ly/49u6uAH

At CybelAngel, we prioritize our partners and empower your growth and success. Discover how our partnership program delivers exceptional value for you and your customers. Learn more: https://bit.ly/3R28v0C