Hello, stay ahead with CISO Brief 🚀

🔒 Anthropic said it will "abruptly disable" its latest models, Claude Fable 5 and Mythos 5, for all users after receiving a U.S. government directive to suspend access for foreign nationals due to national security concerns. The company said it believes the order reflects a "misunderstanding" and is working to restore access while noting other models remain available. Anthropic said a demonstrated narrow jailbreak identified minor, publicly discoverable vulnerabilities, and emphasized its safety classifiers and guardrails to limit misuse. The move follows findings that Mythos-class models can rapidly convert disclosed software flaws into working exploits, raising concerns about fast weaponization of vulnerabilities.

🔎 This report details the discovery of a new macOS Tahoe 26 Biome stream, App.MenuItem, which records specific menu selections made by users across the OS. It explains the artifact's location at ~/Library/Biome/streams/restricted/App.MenuItem/local, the SEGB-encapsulated protobuf format, and recommended processing steps using ccl-segb. The article highlights how the stream reconstructs user intent and workflow, and notes limitations when menu text is non-descriptive.

🚀 Starting today, Amazon Lightsail is available in three additional AWS Regions: Asia Pacific (Hong Kong), South America (São Paulo), and Europe (Spain). This expansion delivers lower latency and improved performance for customers in these geographies while supporting local data residency requirements. The new Regions provide access to Lightsail's full feature set, including instances (general purpose, compute-optimized, memory-optimized), managed databases, container services, and load balancers with predictable pricing.

🔒 Maine has taken its public data breach reporting portal offline after fraudulent disclosures impersonating Discord and VRChat were published. The Attorney General's Office confirmed the reports were hoaxes and removed them, stating there is no evidence of actual breaches by the named companies. Public access to the database is temporarily disabled while the office reviews procedures; companies may still submit notices but the public must request disclosures directly.

🔒 Researchers discovered a 10-year-old authentication bypass in phpBB that allows logging in as any user, including administrators. The flaw affects versions 4.0.0-a2 and 3.3.16 and below and can be exploited with a single HTTP request on default configurations. Aikido reported the issue on June 2 and phpBB patched it in version 3.3.17 on June 6; 4.x users must await a safe release.

🔒Sygnia reports a China-nexus group, tracked as Velvet Ant, backdoored Linux login components including PAM and OpenSSH, embedding long-term access where routine cleanup would not reach. The actor altered trusted login programs to capture credentials, record sessions, or allow secret logins, with traces dating back to 2016. Isolation was bypassed by staging through internet-facing systems and bridging into air-gapped segments.

🔒 Check Point now integrates its Workforce AI governance with Claude’s Compliance API to close substantial visibility gaps in enterprise AI usage. The integration provides continuous, audit-grade records across web, desktop, and mobile surfaces, addressing a critical mobile blind spot that proxies, CASBs, and endpoint DLP cannot cover. It combines content-level exposure analysis, per-user adoption analytics, and unified policy enforcement to enable secure, frictionless AI adoption across the organization.

🚀 Amazon SageMaker AI now supports serverless customization for Nvidia Nemotron 3 Nano via supervised fine-tuning (SFT) and reinforcement fine-tuning (RFT). This open-weight 30B-parameter model can be deployed and adapted to specific domains and workflows directly within SageMaker. Serverless customization handles infrastructure and training orchestration, enabling teams to focus on data and evaluation while paying only for usage. The feature is available in US East (N. Virginia), US West (Oregon), Asia Pacific (Tokyo), and Europe (Ireland), and can be launched from SageMaker Studio or via the SageMaker Python SDK.

🔍 Congress failed to extend Section 702 of the Foreign Intelligence Surveillance Act, creating a short pause in warrantless monitoring of foreign communications. The extension vote was rejected, leaving surveillance put on hold until the next possible vote on June 28, and creating uncertainty about immediate intelligence collection practices. CISOs should note potential impacts on cross-border communications and legal challenges ahead.

⚙️ AWS has launched Storage optimized Amazon EC2 I7i instances in the Europe (Paris) region, powered by 5th Gen Intel Xeon processors and 3rd generation AWS Nitro SSDs. These instances deliver up to 23% better compute performance and over 10% improved price performance versus I4i, with up to 45TB NVMe storage and significant reductions in storage I/O latency and variability. I7i supports torn write prevention up to 16KB and comes in eleven sizes, including bare metal options, with up to 100Gbps network and 60Gbps EBS bandwidth.

🔒 The French government’s secure messaging platform, Tchap, was breached after an intruder took over a user account, according to DINUM. The agency blocked the compromised access and is investigating the extent of exposed information. While encryption was not broken, public chat rooms are unencrypted and the intruder reportedly accessed thousands of messages and files. DINUM reminded users that public rooms are visible to any account and should not contain sensitive content.

🔍 Fortinet highlights its role as a research partner with the MITRE Center for Threat-Informed Defense (CTID), contributing threat intelligence, operational expertise, and research to practical R&D projects. The CTID impact report (2019–2025) demonstrates collaborative efforts to map adversary behavior to detection, controls, and cloud security. Fortinet’s contributions focus on operationalizing ATT&CK-based frameworks, improving detection quality, and advancing program maturity across cloud, identity, and AI-driven workflows.

🔒 Amazon EC2 Capacity Blocks for ML is now available in AWS GovCloud (US-West) and AWS GovCloud (US-East), enabling government and regulated-industry customers to reserve GPU capacity for machine learning workloads. The service lets customers reserve GPU instances in advance for defined durations, providing assured access to accelerated compute for pre-training, fine-tuning, rapid prototyping, and surge inference. Reservations can be made up to eight weeks ahead for durations up to six months, in clusters of one to 64 instances, and can be shared across accounts using AWS Resource Access Manager.

🔎 An international law enforcement operation dismantled the AudiA6 cryptocurrency laundering service, suspected of moving more than €336m for ransomware gangs and other cybercriminals between 2022 and 2025. The probe identified an industrial-scale laundering scheme that used thousands of stolen identities and money mules to obfuscate funds. Arrests, domain seizures and frozen crypto followed coordinated actions across Europe, the US and Georgia.

🛡️ At Check Point Engage Public Sector 2026, leaders and practitioners convened to examine how AI is transforming cyber defense and offense for government organizations. Panels highlighted that AI enables automated, fast, and scalable attacks while also becoming core infrastructure for missions. Speakers urged a shift from reactive models to proactive, prevention-first strategies, emphasizing visibility, governance, and workforce controls to secure AI adoption.

🛡️ GitHub announced npm v12 will flip three permissive defaults to opt-in behavior to reduce software supply chain risk. Starting July 2026, npm will block install scripts, Git dependencies, and remote URL-sourced packages by default. Developers can upgrade to npm 11.16.0+ to receive warnings and use npm approve-scripts to build local allowlists in package.json. Experts praise stronger defaults but warn attackers may shift to private registries and maintainers may approve scripts to avoid build friction.

📘 Today Google Cloud introduces the Open Knowledge Format (OKF), an open, vendor-neutral specification that formalizes the LLM-wiki pattern into a portable directory of markdown files with YAML frontmatter. OKF v0.1 defines a small set of conventions so different producers’ wikis can be consumed by agents without translation. The spec is intentionally minimal — one required type field per concept — and is accompanied by reference producer and consumer implementations and sample bundles.

🛡️ Cybersecurity researchers at Tenet Security disclosed a new attack class called Agentjacking that tricks AI coding agents into executing arbitrary code. The exploit leverages Sentry's public DSN and its MCP interaction to inject crafted error events, which agents like Claude Code and Cursor interpret as trusted resolution steps. Successful exploitation can expose sensitive data and run code with developers' privileges.