AI models now surpass most humans at finding and exploiting software vulnerabilities, said Anthropic.

A new Anthropic project will see global companies use Claude as part of their defence security systems.

‘Project Glasswing’ gives partnering companies access to Anthropic’s unreleased Claude Mythos, which, according to the AI giant, has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Mythos was launched in preview yesterday (7 April).

Anthropic’s Mythos preview is significantly more capable at generating exploits. In its research, the company noted that Mythos developed working exploits 181 times out of the several hundred attempts, while Opus 4.6 had a near 0pc success rate.

“We did not explicitly train Mythos preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning and autonomy,” the company noted. Publications, including the New York Times and the Register have warned against the negative consequences of models such as Mythos falling into the hands of bad actors.

Fortunately, Anthropic has chosen not to release the model. Instead, the company is bringing together leading businesses, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JP Morgan Chase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks, allowing them to access Mythos preview to boost their cyber defences.

The company has extended Mythos access to a group of more than 40 organisations that build or maintain critical software infrastructure.

“AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities,” said Anthropic.

Anthropic has promised to share learnings from Project Glasswing to benefit the wider industry. The company has also made a commitment of up to $100m in usage credits for Mythos preview across the project, as well as $4m in direct donations to open-source security organisations.

The Claude-maker has also hired Eric Boyd, the long-term president of AI platforms at Microsoft, to lead as the company’s head of infrastructure.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Specialized’s proprietary, 700-watt motor feels natural—sometimes to an annoying extent, as the bike is designed for you to pedal and you won’t get faster than 10 mph just by using the throttle. Also, there’s no option for a dual battery. Still, the battery well exceeded Specialized’s estimated 60-mile range. Granted, I am a small person, but I was usually hauling at least one other person on the bike with me at all times, so I still found this remarkable.

It’s easily adjustable—both my 5’10” husband and my 5’2″ self were able to switch off riding, which is important if this is your family’s all-purpose hauler. The display is intuitive, and the buttons are well-spaced apart so you don’t get confused or end up button-mashing. Also, Specialized’s accessories go a long way toward making this bike so much more useful. Yes, you could jerry-rig some Home Depot buckets to the front of your bike and drill holes in the bottoms for them to drain, but the Coolcave panniers ($90) are so much more attractive, easy to use, and helpful for carting everything from kid dioramas to a dozen tiny soccer balls.

Best Value

The vast majority of people I know who buy a cargo ebike with their own money choose the Lectric XPedition2. There is just no better value for a dual-battery long-tail cargo ebike. Out of the box, Lectric has also gone above and beyond to make its bikes and accessories easy to assemble and use. You even pop the pedals in, instead of using regular screw-on pedals.

This bike’s specs are also wild for the price. It has a 1,310-watt rear hub motor, twice as powerful as the already-powerful Globe Haul. (It has a throttle and is a Class 2 ebike out of the box, though you can use the display to unlock its Class 3 capabilities and assist up to 28 mph.) It has hydraulic disc brakes, front suspension, an incredibly large and bright LCD color display, integrated lights, and fenders.

The Figure breach exposed 967,200 email records without a single exploit. Understanding what that enables — and why your MFA cannot contain it — is an architectural problem, not a user education problem.

In February 2026, TechRepublic reported that Figure, a financial services company, exposed nearly 967,200 email records in a newly disclosed data breach. No vulnerability was chained. No zero-day was burned. The records were accessible, and now they are in adversary hands.

Coverage of breaches like this tends to stop at the count. That is the wrong place to stop. The number of exposed records is not the event — it is the starting inventory for the event that follows.

To understand the actual risk, you have to follow the attack chain that a credential exposure like this enables, step by step, and ask honestly whether the authentication controls in your environment can interrupt it at any point.

Most cannot. Here is why.

What Adversaries Do With 967,000 Email Records

Exposed email addresses are not static data. They are operational inputs. Within hours of a record set like this becoming available, adversaries are running it through several parallel workflows simultaneously.

The first is credential stuffing. Figure customers and employees almost certainly reused passwords across services. Adversaries combine the exposed addresses with breach databases from prior incidents — LinkedIn, Dropbox, RockYou2024 — and test the resulting pairs against enterprise portals, VPN gateways, Microsoft 365, Okta, and identity providers at scale. Automation handles the volume.

Success rates on credential stuffing campaigns against fresh email lists routinely run at two to three percent. On 967,000 records, that is 19,000 to 29,000 valid credential pairs.

The second workflow is targeted phishing. AI-assisted tooling can now generate personalized phishing campaigns from an email list in minutes. The messages reference the organization by name, impersonate internal communications, and are visually indistinguishable from legitimate correspondence.

Recipient-specific targeting — using job title, department, or public LinkedIn data to tailor the lure — is standard practice, not a capability reserved for nation-state actors.

The third is help desk social engineering. Armed with a valid email address and basic OSINT, adversaries impersonate employees in calls to IT support teams, requesting password resets, MFA device resets, or account unlocks.

This attack vector bypasses authentication technology entirely — it targets the human process that exists to handle authentication failures.

In each of these workflows, no technical vulnerability is required. The adversary’s goal is not to break in. It is to log in as a valid user. The breach does not create access. It creates the conditions under which access becomes achievable through the authentication system itself.

Why Legacy MFA Cannot Interrupt This Chain

This is the part of the analysis that most incident post-mortems underweight. Organizations read about a credential exposure and conclude that their MFA deployment protects them. For the attack chain described above, that conclusion is structurally incorrect.

Modern adversary tooling executes what security researchers call a real-time phishing relay, sometimes referred to as an adversary-in-the-middle (AiTM) attack. The mechanics are precise.

An adversary builds a reverse proxy that sits between the victim and the legitimate service. When the victim enters credentials on the spoofed page, the proxy forwards those credentials to the real site in real time.

The real site responds with an MFA challenge. The proxy forwards that challenge to the victim. The victim responds — because the page looks legitimate and the MFA prompt is real. The proxy forwards the response. The adversary receives an authenticated session.

Push notification MFA, SMS one-time codes, and TOTP authenticator apps are all vulnerable to this relay. They authenticate the exchange of a code. They do not verify that the individual completing the exchange is the authorized account holder. They cannot distinguish a direct session from a proxied one.

Toolkits that automate this attack — Evilginx, Modlishka, Muraena, and their derivatives — are publicly available, actively maintained, and require no advanced tradecraft to operate. The capability is not exotic. It is the baseline.

MFA fatigue compounds this. Adversaries who obtain valid credentials but cannot relay the session in real time will instead trigger repeated push notifications until a user approves one out of frustration or confusion. This attack has been used successfully against organizations with mature security programs, including in incidents that received significant public coverage.

The common thread across all of these techniques: legacy MFA places a human being at the final decision point of the authentication chain, then relies on that human to make the correct call under conditions specifically engineered to defeat it.

The Structural Problem Legacy MFA Cannot Solve

The security industry’s standard response to authentication failures is user education. Train people to recognize phishing. Teach them to verify unexpected MFA prompts. Remind them not to approve requests they did not initiate.

This response is not wrong. It is insufficient, and the insufficiency is architectural, not motivational.

A relay attack does not require a user to recognize a phishing page. The MFA prompt they receive is real, issued by the legitimate service, delivered through the same app they use every day. There is nothing anomalous for the user to detect. The attack is designed to be invisible to the human in the loop — and it is.

The deeper problem is that the authentication architecture most organizations have deployed was not designed to answer the question that actually matters in a post-breach environment: was the authorized individual physically present and biometrically verified at the moment of authentication?

Push notifications do not answer this question. SMS codes do not answer this question. TOTP does not answer this question. USB hardware tokens answer a related but different question — they prove the registered device was present, not the authorized person.

Auditors, regulators, and cyber insurers are increasingly drawing this distinction explicitly. The question “can you prove the authorized individual was there?” is appearing in CMMC assessments, NYDFS examinations, and underwriter questionnaires. Device presence is no longer accepted as a proxy for human presence in high-stakes access contexts.

What Phishing-Resistant Authentication Actually Requires

FIDO2/WebAuthn gets cited frequently in this conversation, and it is a meaningful step forward — but it is not sufficient on its own. Standard passkey implementations bind the credential to a device or cloud account.

Cloud-synced passkeys inherit the vulnerabilities of the cloud account: SIM swap attacks against the recovery phone number, account takeover via credential phishing, recovery flow exploitation. Device-bound passkeys prove device possession. They do not prove human presence.

Phishing-resistant authentication that closes the relay attack vector requires three properties simultaneously:

• Cryptographic origin binding: the authentication credential is mathematically tied to the exact origin domain. A spoofed site cannot produce a valid signature because the domain does not match. The attack fails before any credential is transmitted.
• Hardware-bound private keys that never leave secure hardware: the signing key cannot be exported, copied, or exfiltrated. Compromise of the endpoint does not compromise the credential.
• Live biometric verification of the authorized individual: not a stored biometric template that can be replayed, but a real-time match that confirms the authorized person is physically present at the moment of authentication.

When all three properties are present, a relay attack has no viable path. The adversary cannot produce a valid cryptographic signature from a spoofed site. They cannot relay a session because the cryptographic binding fails the moment the origin changes.

They cannot use a stolen device because the biometric verification fails without the authorized individual. They cannot social-engineer an approval because there is no approval prompt — the authentication either completes with a live biometric match at the registered hardware, or it does not complete.

Token: Cryptographic Identity That Verifies the Human, Not the Device

TokenCore was built on a single, uncompromising principle: verify the human, not the device, credential, or session.

Most authentication products add factors to a weak foundation. Token replaces the foundation. The platform combines enforced biometrics, hardware-bound cryptographic authentication, and physical proximity verification — three properties that must all be satisfied simultaneously for access to be granted.

There is no fallback. There is no bypass code a user can enter in the field. The authorized individual is either present and verified, or access does not occur.

This matters precisely because of the attack chain described above. Token’s Biometric Assured Identity platform eliminates each link:

• No Phishing. Every authentication is cryptographically bound to the exact origin domain. A spoofed login page produces no valid signature — Token simply refuses to authenticate.
• No Replay. The private signing key never leaves the hardware. A relayed session cannot be reconstructed because the cryptographic material it would need to replicate is physically inaccessible.
• No Delegation. A live fingerprint match is required for every authentication event. A colleague, an adversary with a stolen device, or a social engineering target cannot complete authentication on behalf of the authorized individual.
• No Exceptions. There is no code, no recovery flow, and no help-desk override that can substitute for biometric presence. The control is absolute because the risk is absolute.

The form factor matters too. Token is wireless — Bluetooth proximity, no USB port required. Authentication takes one to three seconds: the user initiates a session, taps their fingerprint on the Token device, Bluetooth proximity confirms physical presence within three feet, and access is granted.

For on-call administrators, trading floor operators, and defense contractors working across multiple workstations, this eliminates the friction that drives the shadow IT and workaround behavior legacy hardware tokens create.

Unlike USB-based alternatives, Token is field-upgradeable over the air. As adversaries evolve their tooling, Token’s cryptographic controls can be updated remotely and immediately — without replacing hardware or reissuing devices. The investment does not expire when the threat landscape changes.

Token verifies the human. Not the session. Not the device. Not the code. The human.

Advertisement

The Honest Assessment

The Figure breach will produce downstream authentication attacks. So will the next breach, and the one after that. The adversary infrastructure that runs credential stuffing, AI-generated phishing, and real-time relay attacks operates continuously against exposed email records.

The question is not whether these attacks will be attempted against your environment. They will be.

The relevant question is whether your authentication architecture requires human judgment to succeed — or whether it is designed so that human judgment is not the failure point.

Legacy MFA, in all of its common forms, requires human judgment. A user must recognize the anomaly, question the prompt, and make the correct decision under adversarial pressure. That is a brittle dependency at a critical control point, and adversaries have built an entire toolchain to exploit it.

Token removes that dependency. The device signs for the legitimate domain with a confirmed biometric match — or it does nothing. There is no prompt to manipulate. There is no decision to engineer. There are no exceptions.

That is not a feature. It is the architectural requirement for authentication that holds under the conditions this breach, and every breach like it, creates.

See How Token Closes the Gap

Token’s Biometric Assured Identity platform is built for organizations where authentication failure is not an acceptable outcome — defense contractors, financial institutions, critical infrastructure, and enterprise environments with high-privilege access requirements.

Cryptographic. Biometric. Wireless. No phishing. No replay. No delegation. No exceptions.

Learn more. Visit tokencore.com.

Sponsored and written by Token.

from the fuck-em-for-being-human-beings,-I-guess dept

I’m not here to cut the Trump administration any slack or engage in both-sides bullshit, but this is something that has always been true: we treat anyone imprisoned or detained as less than human. The dehumanization begins with something we call “processing” — a word that separates a human from their humanity by making them sound like nothing more than paperwork.

The horrors seen in jails and prisons are often compounded at immigrant detention facilities. While some duty of less-than-minimal care might be extended to imprisoned US citizens, it’s far more often ignored when federal officers believe (mistakenly) that migrants aren’t protected by the Constitution.

The litany of violations stretches back forever. Techdirt doesn’t stretch back quite that far, but let’s take a stroll down memory lane.

From 2022, back when Biden was still in office and people like me were thinking no one would ever elect Trump to office again:

ICE’s ‘Fierce Commitment’ To Ensuring Detainees Are Cared For Properly Includes Inadequate Staffing, Unsanitary Facilities

That’s taken from a report demanding (“Management Alert”) the immediate removal of all detainees from this New Mexico detention center due to numerous violations, including a shortage of 112 employees and no less than 83 cells with “inoperable” sinks and toilets.

Going back further to Trump’s first administration:

Report Shows ICE Almost Never Punishes Contractors Housing Detainees No Matter How Many Violations They Rack Up

In this Inspector General’s report, we learned that only 28 of 106 contractors were provided with the tools needed to meet minimum “performance standards.” We also learned that the $3.9 billion being thrown to private contractors was shored up by absolutely no level of accountability. ICE approved 96% of waivers requested by contractors who failed to meet minimum housing standards for detainees.

While it’s been a persistent problem, things are significantly worse now. The Trump administration is detaining more migrants than ever before. It’s also far more willing to pawn these duties off on private prison contractors who prioritize making money over taking care of the people thrust into their care by Trump’s top bigots.

On top of that, the administration is fighting wars on several litigation fronts in hopes of preventing any form of oversight from slowing its roll towards total migrant annihilation. Everything that was bad before is getting so much worse.

Thanks to the White House Merchant of Death, RFK Jr., measles outbreaks are being reported at detention facilities. Thanks to absolutely every-fucking-body else in the administration, reports of inhumane conditions are somehow still on the rise, even after years of regularly reported inhuman conditions at ICE facilities.

Here’s even more. At a facility where guards were caught setting up suicide “death pools” for inmates, more evidence of deliberate cruelty and inhumane treatment has surfaced. The host of ongoing atrocities is none other than Camp East Montana, comfortably nestled in the heartland of the “who gives a fuck about immigrants” Fifth Circuit: El Paso, Texas.

Here’s the New York Times with the details of more man’s inhumanity to man, as personified by “immigration enforcement” forces of Trump’s second term.

An inspection in February of Camp East Montana in Texas, one of the country’s largest immigration detention centers, found dozens of violations of national standards, including instances that may have exposed detainees to illnesses and uses of force that were not documented, a new report found.

[…]

The inspection, which was carried out by the agency over three days in February and included interviews with 49 detainees, found that there were at least 49 overall “deficiencies” from national standards at the camp. Of all the deficiencies, 22 involved use of force and restraints, and five involved issues related to medical care. 

Advertisement

ICE actually released this inspection report. However, it did make sure names were changed redacted to protect the innocent guilty. While it’s uncharacteristically protective of the inspectors, it also makes sure we may never know which “Creative Corrections” employees helped make this detention center the hell hole it is.

Other censorship by the administration deliberately denies Americans access to the facts. What possible purpose is served here, other than allowing the government to pretend its rights violations were somehow excused by the [redacted] passage of time?

The government not only censored the number of detainee files reviewed, but also the ratio of files in noncompliance. What escapes ICE’s black-boxed attempts to redeem itself is this, which is plenty damning on its own:

[I]nitial classification process and initial housing assignments were not completed within 12 hours of detainees’ admission […]; rather they were completed 14 hours to 25 days after [admission]…

Everything that might show how often (or how frequently) violations occurred has been removed. It’s a deliberate muddying of the statistical waters. Who knows what’s behind the black box? It could mean rights were violated 10% of the time. Or it could mean rights were violated almost every time. But we the people — you know, the ones expected to foot the bill for this bullshit — aren’t allowed to know the actual details of what’s being done in our names.

If the government wants to play it that way, fine. We’ll just assume the worst and dare it to provide evidence to the contrary. And we know it never will. If or when the government decides to unredact this report, it will undoubtedly show us what we’ve always assumed: The administration and its contractors routinely abused detainees and violated their rights because the people in charge made it clear they don’t consider migrants to be humans.

And that makes this news as inevitable as it is deplorable:

So far this year, 14 people have died in U.S. Immigration and Customs Enforcement custody, including a Mexican man who was found unresponsive last week at a facility outside Los Angeles, according to data from the Department of Homeland Security.

If that seems like a low (or worse, an acceptable) number of deaths, think again:

In 2025, ICE reported 33 total in-custody deaths and in 2024 there were 11.

Deaths in ICE custody tripled under Trump during his first year back in office. If this pace continues, we’ll be looking at 56 in-custody deaths, which would nearly double the same number Trump managed to triple in 2025.

This will only get worse. The administration is still trying to buy up any warehouses it can to repurpose as detention centers. The workload is being stretched even thinner, leaving private citizens more poorly trained than current ICE officers in charge of the lives and well-being of thousands of detainees. The misery and death will continue. Unfortunately for us, this administration not only welcomes blood on its hands, but revels in it.

Filed Under: camp east montana, detention centers, dhs, el paso, ice, mass deportation, rights violations, trump administration

Good morning! Let’s play Connections, the NYT’s clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you’ve finished? Why, play some more word games of course. I’ve also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc’s Wordle today page covers the original viral word game.

Google’s next flagship phones could arrive with a notable display advantage.

According to a new report from ETnews, the Pixel 11 series is set to use Samsung’s latest M16 OLED panels. This could potentially make it the first smartphone line to feature the upgraded screen technology.

The panels are expected to bring improvements in brightness, colour accuracy and power efficiency, building on Samsung’s current M14 OLED displays used in today’s premium devices. That includes phones like the Pixel 10 Pro and even recent iPhone models. Therefore, the jump to M16 could represent a modest but meaningful upgrade.

Arizona Attorney General Kris Mayes’ case against prediction market Kalshi appears to have hit a snag.

The Commodity Futures Trading Commission announced Friday that it has won a temporary restraining order preventing the state from pursuing its criminal case against Kalshi (whose CEO Tarek Mansour is pictured above).

“Arizona’s decision to weaponize state criminal law against companies that comply with federal law sets a dangerous precedent, and the court’s order today sends a clear message that intimidation is not an acceptable tactic to circumvent federal law,” said CFTC Chairman Michael S. Selig in a statement.

While the CFTC normally has five commissioners, Selig is currently the only one on the commission, following his confirmation in December and the departure of previous acting chairman Caroline Pham (who left to join crypto company MoonPay).

Arizona has filed charges against Kalshi accusing the company of operating an illegal gambling business in the state without a license. The announcement of the restraining order comes just a couple days after a federal judge allowed Arizona’s case to move forward, according to Bloomberg.

The CFTC also filed suits seeking to stop similar cases from moving forward in Connecticut and Illinois.

Five hundred bucks. That’s the price difference between the MacBook Neo and the MacBook Air. Having spent a lot of time testing and using both laptops in the MacBook lineup, I can say that there’s a clear demographic for both of these devices.

As a longtime laptop tester, my goal here is twofold. I want to make sure that you buy the right MacBook, and I also want to make sure you don’t overpay or underbuy. Deciding isn’t actually as difficult as you might think. Don’t think you want a MacBook after all? Don’t forget to check out our guides to the Best Windows Laptops, the Best Chromebooks, or the Best Linux Laptops.

The Easy Way to Decide

Photograph: Luke Larsen

There’s one easy question to answer if you’re stuck between the Neo and the Air. Is this for a job that you will use full-time? Because if you’re sitting in front of this laptop for eight hours a day, don’t bother considering the MacBook Neo. You’ll likely be tempted by the price, but it’s compromises are just too many. Trust me.

On the other hand, if you answered “No” to that question, you can likely save some cash by buying the MacBook Neo without being bothered by some of its deficiencies. For example, a lot of people have a work PC or laptop at the office, but then need something for weeknights, weekends, or to travel with. It also works perfectly for a student, whether in high school or college.

I know that’s an oversimplified way of thinking about it, but it’s a good place to start.

Design, Size, and Aesthetics

There’s a small difference in size, but it isn’t as significant as you might assume. The MacBook Neo’s screen is 13 inches, measured diagonally, which is over half an inch smaller than the 13.6-inch MacBook Air. As someone who frequently works on a MacBook Air, I found it pretty easy to switch to the slightly smaller Neo. You can also upgrade to the 15-inch MacBook Air, which gives you a significantly bigger canvas to work on. But that also costs an extra $200. In terms of portability, the MacBook Air is 0.44 inches versus the 0.50 inches of the Neo. Again, not a huge difference—especially since they’re identical in weight.

The MacBook Neo does depart from the MacBook formula in terms of design in a few key ways. It’s a bit more playful than other MacBooks, using rounder edges, white keycaps, and some more brighter color options. They’re nowhere near as daring as the iMac colors, but you get to choose between Silver, Blush, Citrus, and Indigo. Silver and Blush are more subtle, while Citrus and Indigo are the bolder options. My favorite aspect of the MacBook Neo is the lack of a notch, though. Don’t get me wrong: I want thin bezels on my laptop like everyone else, but I’ve always found the notch to be an ugly solution.

Looking for the most recent Wordle answer? Click here for today’s Wordle hints, as well as our daily answers and hints for The New York Times Mini Crossword, Connections, Connections: Sports Edition and Strands puzzles.

Today’s Wordle puzzle is a tough one, with a double letter that could throw you off. If you need a new starter word, check out our list of which letters show up the most in English words. If you need hints and the answer, read on.

Read more: New Study Reveals Wordle’s Top 10 Toughest Words of 2025

Today’s Wordle hints

Before we show you today’s Wordle answer, we’ll give you some hints. If you don’t want a spoiler, look away now.

Wordle hint No. 1: Repeats

Today’s Wordle answer has one repeated letter.

Wordle hint No. 2: Vowels

Today’s Wordle answer has two vowels, plus one sometimes vowel.

Wordle hint No. 3: First letter

Today’s Wordle answer begins with A.

Wordle hint No. 4: Last letter

Today’s Wordle answer ends with Y.

Wordle hint No. 5: Meaning

Today’s Wordle answer can refer to a narrow passageway between or behind buildings.

TODAY’S WORDLE ANSWER

Today’s Wordle answer is ALLEY.

Yesterday’s Wordle answer

Yesterday’s Wordle answer, April 11, No. 1757, was PRUDE.

Recent Wordle answers

April 7, No. 1753: DENSE

April 8, No. 1754: INLET

April 9, No. 1755: LADEN

April 10, No. 1756: CAROM