A

From the CISO series It's Cybersecurity Headlines

B

April is Trust Month at the CISO series. Join us this Friday for our Super Cyber Friday livestream about hacking vendor trust. More details at the end of the episode. These are the cybersecurity headlines for Wednesday, April 8, 2025. I'm Sarah Lane. Anthropic announces Project Glasswing Anthropic says its unreleased AI model Claude Mythos Preview is powerful enough to autonomously discover and even exploit software vulnerabilities, prompting the company to restrict access and instead share it with more than 40 partners. Through Project Glasswing, the model has reportedly identified thousands of bugs, including long missed flaws in major systems, raising concerns that AI could dramatically accelerate cyber attacks by lowering the skill barrier. Anthropic and participating researchers warned this marked a turning point for cybersecurity, where defenders have to adapt as similar capabilities spread and expose weaknesses across critical infrastructure. US seeks to slash CESA funding the US administration is proposing a $707 million cut to CESA's fiscal year 2027 budget, reducing it to about $2 billion with the goal of refocusing the agency on protecting federal systems and again that critical infrastructure. The plan would eliminate programs seen as redundant or outside its core mission, including misinformation efforts, international engagement and some school safety initiatives. The move follows earlier attempted cuts and major staff reductions, even as CISA looks to hire for key roles and amid ongoing cybersecurity threats. Russia linked hackers hijack routers for passwords the UK's National Cybersecurity center warned that Russia linked hackers from APT28 are compromising widely used Internet routers to steal login credentials for email and other online services. The group, which is tied to Russia's military intelligence agency gru, is said to be using router access to harvest passwords and potentially expand access to additional accounts and networks. US warns of Iranian hackers targeting industrial controllers US agencies including the FBI, CISA and NSA say Iranian linked hackers are targeting Internet exposed industrial controllers used in critical infrastructure, particularly Rockwell Allen Bradley PLC is. The attacks have reportedly been active since last month and involve manipulating operational data and and extracting system files, causing disruption across sectors like energy and water. Officials say the activity is escalating due to geopolitical tensions and urge organizations to secure or disconnect exposed systems, patch vulnerabilities and monitor for suspicious activity. Huge thanks to our sponsor Vanta, risk and regulation are ramping up and customers expect proof of security just to do business. Vanta's automation brings compliance risk and customer Trust together on one AI powered platform. So whether you're prepping for a SoC2 or running an enterprise GRC program, Vanta keeps you secure and keeps your deals moving. Learn more@vanta.com CISO attack hits northern Ireland's Centralized School Network A cyber attack on Northern Ireland's centralized C2K school network forced the education authority to shut down systems, disrupting access for potentially more than 300,000 students and 20,000 teachers. Officials say. The reach was contained early and there isn't evidence so far of data theft or corruption, though investigations with capita and incident responders are ongoing. Schools are gradually being brought back online as authorities prioritize secure restoration and exam related access. Max Severity Flow Wise RCE Vulnerability Exploited Attackers are actively exploiting a critical remote code execution flaw in the Flowwise platform by injecting malicious JavaScript through improperly validated configuration inputs. Researchers at Vulnchek observed early exploitation activity with thousands of Internet exposed instances potentially at risk. Alongside additional flowwise vulnerabilities also under attack. Users are urged to patch to version 3.0.6 or later and restrict public exposure to prevent compromise. US cybercrime losses passed 20 billion for first time the FBI reports cybercrime losses reached a record $20.87 billion in 2025, with complaints surpassing 1 million for the first time. Driven largely by phishing, investment scams and business email compromise, AI is becoming a bigger part of these schemes, with criminals using tools like voice cloning, fake profiles and deepfake content contributing to at least 893 million in those reported losses. Most losses still come from scaled up traditional scams, with fraud accounting for 85% of financial damage. National Security Veterans warn against FISA delays 50 former US national security officials urged Congress to pass a clean reauthorization of Section 702 of the Foreign Intelligence Surveillance act before its April 20 expiration, warning any lapse would harm intelligence operations. The law allows the NSA to collect communications of foreign targets via US Tech infrastructure, but faces opposition from lawmakers pushing for privacy reforms or attaching unrelated legislation. The officials cautioned that political disputes could delay renewal. Be sure to register to join us this Friday for Hacking Vendor Trust, part of our ongoing Trust Month of episodes. On Super Cyber Friday, we'll be breaking down how to build trust with a vendor, when a vendor becomes a trusted partner, and how to navigate people change at a trusted vendor. It's a full hour of discussion, so join our chat room to get involved and play a few fun games. Head on over to the events page@cisoseries.com to register. If you have some thoughts on the news from today or about our show in general, be sure to reach out to us feedbackisoseries.com we would love to hear from you. I am Sarah Lane, reporting for the CISO series. Stay safe out There, Planet Earth and those of you on the moon.

A

Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.