Threat Intel

Anthropic CEO Dario Amodei just issued a sobering warning that diverges sharply from the typical tech optimism we see in Silicon Valley. In a recent interview, he predicted that AI could wipe out 50% of entry-level white-collar jobs and drive unemployment to 20% within the next 1 to 5 years.

His main argument is about velocity. While society has adapted to technological shifts in the past, Amodei warns that AI is advancing faster than the labor market can adapt. He believes reliance on “natural adaptation” is too optimistic and actually suggests radical policy changes—including taxing AI companies like his own—to prevent extreme inequality and protect the democratic social contract.

His advice to professionals is simple: do not get blindsided. Start learning to use these tools immediately to speed up your own adaptation curve.

Watch the full interview here: www.youtube.com/watch

#ArtificialIntelligence #FutureOfWork #Anthropic #Economy #TechNews

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release - SecurityWeek

Threat actors are actively exploiting a critical BeyondTrust vulnerability (CVE-2026-1731) within 24 hours of a proof-of-concept (PoC) exploit being released. This flaw, affecting BeyondTrust Remote Support and Privileged Remote Access, allows for unauthenticated remote code execution and has seen exploitation attempts from multiple IP addresses, some previously involved in other vulnerability exploits.

Google fears massive attempt to clone Gemini AI through model extraction | CSO Online

Google detected and blocked a campaign using over 100,000 prompts aimed at cloning its Gemini AI model through model extraction, a process that allows attackers to create smaller models with the core traits of larger ones. This tactic is considered intellectual property theft, and Google is actively working to prevent it while also noting that nation-state groups have used Gemini to accelerate their own attack operations.

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA has flagged a critical Microsoft Configuration Manager (SCCM) vulnerability, CVE-2024-43468, as actively exploited in attacks, ordering U.S. government agencies to patch it by March 5th. This SQL injection flaw allows unauthenticated attackers to gain code execution with the highest privileges, despite Microsoft initially deeming exploitation unlikely.

Fake North Korean IT workers are rampant on LinkedIn – security experts warn operatives are stealing profiles to apply for jobs and infiltrate firms | IT Pro

Security experts warn that fake North Korean IT workers are exploiting LinkedIn by hijacking genuine profiles to apply for remote jobs and infiltrate companies. These operatives use verified credentials and create convincing employment histories, posing a significant cyber risk by potentially stealing intellectual property and installing malware.

Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams, and Google Meet

A new wave of phishing campaigns is targeting users through fake meeting invites and update alerts for platforms like Zoom, Teams, and Google Meet. These attacks trick users into downloading malicious updates that install Remote Monitoring and Management (RMM) tools, granting attackers full system access.

OpenClaw 2026.2.12 Released With Fix for 40+ Security Issues

The release of OpenClaw 2026.2.12 addresses over 40 security vulnerabilities, significantly enhancing the AI agent platform’s protection. Key improvements include strengthened SSRF defenses in the gateway, prompt-injection mitigation by sanitizing tool outputs, and hardening of hooks and webhooks with constant-time checks and rate limiting.

How to find and remove credential-stealing Chrome extensions | Malwarebytes

Researchers discovered 30 malicious Chrome extensions in the Chrome Web Store that were stealing credentials from over 260,000 users by using a full-screen iframe. The article provides instructions on how to find and remove these extensions from Chrome and Edge browsers, emphasizing the use of unique extension IDs for accurate identification.

Major ‘vibe-coding’ platform Orchids is easily hacked, researcher finds

A cyber-security risk has been discovered in the AI coding platform Orchids, allowing a researcher to hack a BBC reporter’s laptop through a zero-click attack. This vulnerability highlights the potential dangers of AI bots having deep access to computers, even as such platforms gain popularity for enabling users without technical skills to create apps and games.

Chrome Extensions Infected 500K Users to Hijack VKontakte Accounts

Over 500,000 users were affected by malicious Chrome extensions designed to hijack VKontakte accounts. These extensions, disguised as customization tools, silently subscribed users to attacker-controlled groups, manipulated security tokens, and reset account settings to maintain persistent control over accounts.

BSI läutet Ende der klassischen Verschlüsselung ein | CSO Online

The BSI has issued a new guideline, TR-02102, mandating that classic encryption methods must be combined with Post-Quantum Cryptography (PQC) starting in 2031, with systems requiring high security needing to comply by the end of 2030. This directive signifies the end of standalone traditional encryption and signature methods, pushing towards a hybrid encryption approach to ensure future security against quantum computing threats.

Apple patches decade-old iOS zero-day exploited in the wild • The Register

Apple has patched a decade-old zero-day vulnerability in iOS affecting the dynamic linker (dyld), which was exploited in an extremely sophisticated attack against targeted individuals. This flaw, discovered by Google’s Threat Analysis Group, allowed attackers with memory write capability to execute arbitrary code, potentially chaining with other vulnerabilities for zero-click exploitation.

Qilin admits Georgia housing authority breach, leaks files | SC Media

The Qilin ransomware operation has claimed responsibility for a data breach affecting the Augusta Housing Authority (AHA) in Georgia, leaking sensitive files including financial and employee benefit information. Qilin has been highly active, with the AHA breach being one of many claimed victims in early 2026.

Odido cyber attack: Hackers gained access to 6.2 million people’s data | NL Times

Hackers gained access to personal data of potentially 6.2 million people through a cyber attack on Odido’s systems, including names, addresses, and identification details. The data breach, which did not affect services, has been reported to the Dutch Data Protection Authority.

Russia, Iran accuse Elon Musk’s Starlink of violating international law | Company News - Business Standard

Russia and Iran have accused Elon Musk’s Starlink of violating international law by blurring the lines between commercial and military technology. The UN meeting highlighted concerns that Starlink’s operations, particularly its use in Ukraine and Iran, may contravene the 1967 Outer Space Treaty and national sovereignty.

RU-APT-ChainReaver-L Hijacks Trusted Websites and GitHub Repos in Massive Cross-Platform Supply Chain Campaign

The RU-APT-ChainReaver-L campaign is a sophisticated, cross-platform supply chain attack that hijacks trusted websites and GitHub repositories to distribute infostealer malware across Windows, macOS, and iOS. The attackers use valid code signing certificates, deceptive redirects, and compromised file-sharing services like Mirrored.to and Mirrorace.org to evade detection and steal credentials, cryptocurrency, and sensitive files.

Georgia healthcare company data breach impacts more than 620,000 | The Record from Recorded Future News

A cyberattack on Georgia-based ApolloMD has exposed the sensitive information of over 620,000 individuals, including names, dates of birth, addresses, diagnoses, and Social Security numbers. The Qilin ransomware gang claimed responsibility for the breach, which occurred between May 22 and May 23 of last year.

Volvo Group hit in massive Conduent data breach

A massive data breach at Conduent has impacted nearly 17,000 Volvo Group North America employees, with the total number of affected individuals rising to 25 million. The breach, which occurred between October 2024 and January 2025, exposed sensitive personal data including names, addresses, dates of birth, Social Security numbers, and health information.

Crazy ransomware gang abuses employee monitoring tool in attacks

The Crazy ransomware gang is using legitimate employee monitoring software and the SimpleHelp remote support tool to gain and maintain access to corporate networks, evade detection, and deploy ransomware. Threat actors abuse these tools to remotely view victim desktops, execute commands, and monitor for cryptocurrency wallets and remote access tools before deploying ransomware.

Nevada Unveils New Statewide Data Classification Policy Months After Cyberattack - SecurityWeek

Nevada has implemented a new statewide data classification policy with four tiers (public, sensitive, confidential, restricted) to standardize data privacy and protection. This policy was developed to enhance cybersecurity efforts and digital resilience across state agencies, following a significant cyberattack that disrupted state systems.

GitHub - bhavsec/autopentest-ai: Agentic Pentesting MCP server that discovers, exploits, and reports web application vulnerabilities.

Interesting get how I found that claims… The autopentest-ai GitHub repository provides an agentic pentesting MCP server that automates web application penetration testing by crawling applications, mapping endpoints, and running parallel agents to test for various vulnerabilities like XSS and SQLi, all based on the OWASP Web Security Testing Guide (WSTG). It features a structured 7-phase workflow, a comprehensive quality assurance system with automated phase gates and a final judge review, and generates evidence-based findings with reproducible curl commands.

Free Tool Says it Can Bypass Discord’s Age Verification Check With a 3D Model

A new tool has emerged that claims to bypass Discord’s age verification system by allowing users to manipulate a 3D model instead of requiring a facial scan. This comes after Discord globally launched “teen-by-default” settings, which have faced criticism and may lead to more users being prompted for age verification.

Singapore Mounts Largest-Ever Coordinated Cyber Defense

Singapore conducted its largest-ever coordinated cyber defense operation, dubbed Operation Cyber Guardian, to counter a sophisticated cyberespionage campaign linked to the suspected Chinese threat actor UNC3886. This extensive, nearly year-long effort involved over 100 cyber defenders from government, military, intelligence, and private sectors to protect major telecommunications networks from state-linked attacks.

Домены WhatsApp исчезли из НСДИ: доступ к мессенджеру ограничен в России

The domains for the WhatsApp messenger have been removed from Russia’s National Domain Name System (NSDI), restricting access to the service within the country. This action follows similar restrictions on YouTube, Discord, and Signal, making access to WhatsApp now dependent on VPN usage.

LummaStealer infections surge after CastleLoader malware campaigns

LummaStealer infections have surged, with the CastleLoader malware now acting as the primary delivery mechanism, often utilizing ClickFix techniques. This infostealer, previously disrupted, has scaled significantly by employing CastleLoader’s modular and in-memory execution capabilities to distribute its payload.