A

Authorities dismantle crypto laundering services. Microsoft backs down, but Nightmare Eclipse releases another zero day anyway, and Anthropic wants governments to have the power to stop dangerous AI models. This is Cybersecurity Today. I'm your host Jim Love. Authorities in Germany, Switzerland and several partner countries have dismantled Audi A6, a cryptocurrency laundering service that investigators say helped cybercriminals hide the proceeds of ransomware attacks and cryptocurrency theft, according to Europol. The operation was far more than a simple cryptocurrency mixer, the agency said. Investigators uncovered what they describe as an industrial scale cryptocurrency laundering operation built around thousands of fraudulent exchange accounts or opened using stolen or purchased identities. The service marketed itself as a professional cryptocurrency mixing service, but investigators say it accepted cybercrime proceeds, moved the money through complex transaction routes designed to obscure its origin, and returned it to customers in about an hour after taking a commission of between 3 and 10%. That laundering capability made the service attractive to cybercriminals looking to convert ransomware payments and stolen cryptocurrency into funds that were much harder for investigators to trace. The connection to ransomware appears significant, Europol says. Analysis conducted by Europol linked the criminal service to more than 15 investigations worldwide involving ransomware attacks and large scale cryptocurrency theft, Europol says. Analysis conducted by Europol linked the criminal service to more than 15 investigations worldwide involving ransomware attacks and large scale cryptocurrency theft. For law enforcement, the operation reflects a growing strategy of targeting the financial infrastructure behind cybercrime. Ransomware gangs can change their malware, their servers and even their names, but moving and cashing out stolen cryptocurrency is much harder without trusted laundering networks. The Takedown of Audi:6 may not end ransomware, but it strikes it one of the services that helps cybercriminals turn digital extortion into real world profits. If Microsoft hoped that backing away from its threats of legal action against security researcher Nightmare Eclipse would ease tensions, those plans seem to have failed. The researcher has now released proof of concept code for Rogue Planet, a new Windows Defender Zero day that reportedly works against fully patched Windows 10 and Windows 11 systems, according to the Register. The flaw allows local privilege escalation to system level access if an attacker can successfully win a race condition. Rogue Planet is now the seventh Microsoft zero day that Nightmare Eclipse has publicly disclosed before Microsoft released a fix. The release comes after Microsoft attempted to calm a growing backlash from the security community by stating it had no intention to pursue action against individuals conducting or publishing security research. But the researcher clearly remains angry over Microsoft's handling of previous vulnerability reports, Nightmare Eclipse wrote in an earlier blog post. When I actively asked you to communicate with me, you refused, humiliated me and made sure to insult me in front of people. The researcher continued. You defame me in public with your CVE2026, 45585 advisory even though you literally deleted the Microsoft account I used to report bugs to you with, and I got zero pennies for doing so and I still happily did like an idiot. Microsoft told the Register it's aware of the reported vulnerability and is actively investigating the validity at potential applicability of these claims. Meanwhile, respected vulnerability researcher Will Dorman tested the exploit code and reported it's reportedly not 100% reliable, but it worked on the first attempt. For me, the bigger story may be what happens next. Earlier Nightmare Eclipse exploits, including Red Sun, Undefend and Blue Hammer, were reportedly exploited before Microsoft released patches. That history helps explain why each new disclosure attracts so much attention from defenders. And while the researcher had previously promised what they called a bone shattering disclosure on July 14, that threat now appears to be off the table. This week, Nightmare Eclipse wrote, unfortunately, I will be unable to mass disclose zero days in July 14, adding, I did not intend to spread a mass panic with that post and I apologize for doing so. Microsoft may have backed away from the confrontation, but the dispute itself may be far from over. Anthropic is making one of the strongest regulatory arguments yet from a major AI company. Governments should have the authority to stop the deployment of advanced AI systems that present unacceptable risks. While the proposal is new, the reasoning behind it is not. Anthropic CEO Dario Modi has repeatedly argued that increasingly powerful AI systems may require stronger oversight and in some cases, a slower path to deployment. In a new paper, Amadei points to anthropic cybersecurity focused Mythos model as evidence that AI systems have already crossed an important threshold. The report says the evidence of AI's incredible power as well as its risks has become undeniable. He called Mythos Preview the most emblematic example and said it demonstrated that frontier AI models pose very real threats to cybersecurity, creating the potential for disruption of the financial sector, critical infrastructure and national security. Amodei went even further, writing that the Mythos preview scrambled the global cybersecurity landscape and that its broader significance is that it proves beyond a doubt that AI models are now tools of global and national strategic consequence. Supporters say that the position reflects Anthropic's commitment to safe AI development and deployment and its experience in developing frontier models. Mythos has caused concern and in some organizations, something approaching panic about AI enabled vulnerability, discovery and offensive cybersecurity capabilities. The possibility that AI could dramatically accelerate the discovery and exploitation of software flaws has become a boardroom issue across North America. But critics see another possibility. They argue that calls for tighter controls may benefit Anthropic through the publicity they generate, and because the company already holds the leading position in the AI race in this area. In that view, stronger regulation could slow competitors and raise barriers to entry. There might be some logic to that argument, but the evidence is mixed. Anthropic is no longer alone in developing advanced cybersecurity focused AI systems. Microsoft and OpenAI have both introduced competing capabilities, and Microsoft has published benchmark results claiming its own model has outperformed Anthropic's Mythos on several security related tasks. So if the goal were simply to preserve a unique competitive advantage, that argument doesn't really hold up. And Amodei continues to argue that the risks won't stop with just cybersecurity. The cyber risks that Mythos class models present will not be the last that we must face, he wrote. I believe that biological risks may soon follow and that serious AI autonomy risks may not be far behind. So that leaves us with a fundamental question. Is Anthropic trying to protect its market position, or is Dario Amodei genuinely warning that AI capabilities are advancing faster than existing safeguards can manage? Either way, misjudging the answer could have grave consequences. And that's our show. Hope you can join us for Cybersecurity on the weekend. David Shipley has a great show for you and he'll also be back in the News chair on Monday morning. I'm your host Jim Love. Thanks for listening.