West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption.
The company said that it detected a compromise on May 4th. An investigation into the incident determined that the attacker stole data from the network.
“On May 7, 2026, West Pharmaceutical Services, Inc. determined that […it] has experienced a material cybersecurity attack, in which certain data was exfiltrated by an unauthorized party and certain systems were encrypted,” West Pharmaceutical Services notes in a filing with the U.S. Securities and Exchange Commission (SEC).
“Upon initial detection of an intrusion on May 4, 2026, the company promptly activated its incident response protocols, including proactively taking systems offline globally for containment purposes, notifying law enforcement, and engaging external cyber-forensic experts.”
An investigation is currently underway to determine the exact nature and scope of the incident, and the type of data the attacker stole.
West Pharmaceutical Services is a publicly traded, S&P 500 American pharmaceutical manufacturing company with annual revenues exceeding $3 billion and more than 10,800 employees globally.
The company specializes in injectable drug packaging, syringe and vial components, containment systems, and drug delivery devices.
The cyberattack triggered a response that inevitably disrupted the company’s global business operations.
The firm says it has restored its core enterprise systems that support shipping and manufacturing operations, and manufacturing has been partially restarted.
Complete restoration of all systems has not yet been achieved, and no timeline for finalizing this restoration was provided at this time.
Similarly, the company has not made any estimates about the incident’s material impact on its financials.
It’s worth noting that West Pharmaceutical Services stated that it has taken steps to mitigate the risk of the dissemination of the exfiltrated data, but hasn’t specified exactly what those steps are.
BleepingComputer has contacted the firm with a request for comments about the attack, its impact, and its current incident management plan. A company spokesperson said that immediately after detecting the intrusion, incident response and crisis management protocols were activated.
“Following initial detection of an intrusion on May 4, 2026, West Pharmaceutical Services promptly implemented a series of technical and organizational measures to contain and mitigate the potential impact. This included the proactive shutdown and isolation of affected on-premise infrastructure for containment purposes, restriction of access to enterprise systems, and activation of further incident response and crisis management protocols, including notifying law enforcement.”
West Pharmaceutical Services also engaged Palo Alto Networks’ Unit 42 for incident response, containment, and recovery efforts, in coordination with other external experts and legal counsel.
No ransomware groups have taken credit for the attack on West Pharmaceutical Services at the time of writing.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
Mythos has been MDASH’d.
A new AI-powered system from Microsoft surpassed a headline-grabbing rival from Anthropic on a leading cybersecurity benchmark, using more than 100 specialized AI agents working together across multiple AI models to find real-world software vulnerabilities.
Microsoft’s system, codenamed MDASH, was introduced this week alongside the disclosure of 16 new vulnerabilities it found in different versions of Windows, including four “critical” remote code execution flaws fixed in this month’s Patch Tuesday release.
The company, which has faced persistent criticism over security lapses, is betting that multiple models can discover vulnerabilities at a pace that individual models can’t match.
MDASH, derived from the term “multi-model agentic scanning harness,” works by running specialized AI agents through a staged pipeline. Different agents scan code for potential vulnerabilities, then a separate set of agents debate whether each finding is real and exploitable, and a final stage constructs proof-of-concept attacks to confirm the bugs exist.
By comparison, Anthropic’s Mythos, which raised concerns over its ability to find and exploit software vulnerabilities when it was previewed earlier this year, is a single AI model running inside an agent framework. Anthropic restricted its release to a handful of companies through a consortium called Project Glasswing, which includes Microsoft.
OpenAI’s GPT-5.5 and others on the leaderboard are also single-model systems.
MDASH scored 88.45% on the CyberGym benchmark, a test developed by UC Berkeley researchers that measures how well AI systems can reproduce real-world vulnerabilities across 1,507 tasks drawn from 188 open-source software projects.
Mythos Preview was second at 83.1%, followed by GPT-5.5 at 81.8%.
The benchmark gives each system a description of a known vulnerability and an unpatched codebase, and measures whether it can produce a working attack that triggers the bug.
The scores on the CyberGym leaderboard are self-reported by the companies, including Anthropic’s Mythos result. The benchmark code is public, but no independent party has verified any of the scores. Also, benchmark results don’t necessarily reflect real-world performance.
The results also highlight growing concerns about AI’s use as an offensive hacking tool. The same capabilities that allow AI to find vulnerabilities in friendly hands can be used to discover them for exploitation by attackers. Microsoft said MDASH is being used internally by its security engineering teams and will be entering a limited private preview with customers.
Microsoft is telling customers to expect bigger Patch Tuesdays going forward as AI accelerates the discovery of vulnerabilities.
The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries.
Among the victims are a major South Korean electronics manufacturer, government agencies, an international airport in the Middle East, industrial manufacturers in Asia, and educational institutions.
Researchers at Symantec say that the threat actor “spent a week inside the network of a major South Korean electronics manufacturer in February 2026.”
Symantec’s Threat Hunter Team believes the attacker was intelligence-driven, focusing on industrial and intellectual property theft, government espionage, and access to downstream customers or corporate networks.
Seedworm’s campaign relied heavily on DLL sideloading, a common technique in which legitimate, signed software loads malicious DLLs.
Two of the binaries leveraged in the attack are ‘fmapp.exe,’ a legitimate Foremedia audio utility, and ‘sentinelmemoryscanner.exe,’ a legitimate SentinelOne component.
The malicious DLLs (fmapp.dll and sentinelagentcore.dll) contained ChromElevator, a commodity post-exploitation tool that steals data stored in Chrome-based browsers.
Symantec also found that PowerShell, used in previous Seedworm attacks, was still heavily used in the recent incidents, although the payloads were controlled through Node.js loaders rather than directly.
PowerShell was used to capture screenshots, conduct reconnaissance, fetch additional payloads, establish persistence, steal credentials, and create SOCKS5 tunnels.
According to Symantec’s observations, the attack on the South Korean electronics manufacturer lasted between February 20 and 27. The researchers did not disclose the name of the targeted organization.
In the first stage, Seedworm performed host and domain reconnaissance, followed by antivirus enumeration via WMI, screenshot capture, and the download of additional malware.
Credential theft occurred via fake Windows prompts, registry hive theft (SAM/SECURITY/SYSTEM), and Kerberos ticket abuse tools.
Persistence was established through registry modifications, beaconing occurred at 90-second intervals, and sideloaded binaries were repeatedly relaunched to maintain access.
“The cadence is again consistent with implant-driven activity rather than continuous operator presence,” the researchers said.
The attackers leveraged sendit.sh, a public file-sharing service for data exfiltration, likely to obscure the malicious activity and make it appear as normal traffic.
Overall, Symantec has found the latest Seedworm campaign notable for the threat actors’ geographic expansion, operational maturity, and the abuse of legitimate tools and services, which mark a shift toward quieter attacks.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
Artificial intelligence has posed a multi-layered problem for Apple in recent years. We’re expecting to hear some big news at WWDC this year about how AI will be integrated into the company’s gadgets, but there are still other wrinkles still to be ironed out in its broader approach to the use of this influential technology. According to The Information, one of those challenges is the recent interest and development of agentic AI.
To date, Apple has not permitted vibe coding tools on the App Store because they would violate its policies. They could also potentially be used to create original apps for people who would have otherwise gotten software from the App Store, which could pose a threat to Apple’s revenue as well as creating a loophole for spreading malware or taking other malicious actions. But applying that same block more broadly to any agentic AI services, which can take active control over a device and its programs, could keep Apple out of the loop as those tools are generating a lot of interest among both developers and casual users. Apple is reportedly trying to maintain its control over the App Store, while capitalizing on the current buzz around AI agents.
“While details couldn’t be learned, its staffers are designing a system to adhere to its standards of privacy and security and prevent the more freewheeling behavior some users of agentic systems such as OpenClaw have experienced, where agents can go haywire and delete all of a user’s emails, according to the people briefed on the matter,” the article states.
It sounds like a high wire act for a company that has been struggling to keep pace with AI’s breakneck development. Add this to the long laundry list of information we’ll be curious to see addressed at next month’s keynote.
Netflix has more than 250 million monthly active users on its ad-supported tier. The figure, which was revealed during the company’s Upfront presentation, marks a huge spike for this subscription option. In 2024 the plan with ads had 70 million users and in 2025 it reached 94 million.
Starting next year, Netflix will also launch the ad-supported plan in 15 more countries: Austria, Belgium, Colombia, Denmark, Indonesia, Ireland, the Netherlands, New Zealand, Norway, Peru, Philippines, Poland, Sweden, Switzerland and Thailand.
The Basic with Ads tier of access started rolling out in 2022. It appears to be an increasingly popular option as Netflix, like most streaming services, has continued to get ever-more expensive. The company just upped all monthly subscription costs by a dollar earlier this year.
And of course, because this is 2026, the Upfront included plenty of talk about AI. Netflix started using the tech in its ads last year, and one of the new potential applications the company is testing will serve “personalized ad loads and frequency caps that dynamically adjust the ads our members see, based on their viewing behaviors.” Netflix is currently facing a lawsuit from Texas on claims that it illegally sells user data to ad tech companies, although the streaming service said the suit was “based on inaccurate and distorted information.”
Ukrainian company Celebra Tech is putting the final touches on a Trident laser weapon which it claims can destroy drones, helicopters, and even missiles at significant distances.
The Trident burns through enemy optics and structural components from up to three miles away.
Western defense giants have spent enormous sums on similar technology, such as the £120 million DragonFire laser unveiled by Britain, yet Ukrainian developers claim their Trident system will cost a tiny fraction of that amount.
Celebra Tech says its laser system can shoot down reconnaissance drones from up to 1.5 kilometers away.
FPV drones, which have become a major threat on the battlefield with an effective range of 800 to 900 meters, were destroyed by the system, which also damages optics, electronics, and wing bodies of larger aircraft.
Developers say the Trident can strike helicopters and airplanes at a distance of 5 kilometers.
At 10 kilometers away, the laser still retains enough power to blind enemy surveillance equipment.
The system has recently received new targeting features, including radar integration and automatic target tracking, and a re-guidance system now allows operators to correct the beam during active engagement.
The company revealed that a prototype called the Trident-120 underwent combat testing in 2021 and 2022, when it resembled a light rifle in its physical form and handling.
The earlier prototype successfully struck the optoelectronic equipment of Ka-52 attack helicopters, and also damaged Orlan reconnaissance drones and Murom ground observation stations during those field tests.
“Today, we can shoot down planes at an altitude of over 2 km with this laser,” said Vadym Sukharevskiy, former commander of the Unmanned Systems Forces.
The company adds the Trident laser system is also suitable for demining contaminated areas, although this secondary function has not been demonstrated publicly or verified by external observers.
Celebra Tech has developed other products, including the Laurus-13F fiber-optic FPV drone, and says it is also working on bombers, electronic warfare equipment, and specialized software packages.
The company employs only about fifteen people to work on this laser development project, which seems remarkably small for such a technically ambitious weapon system.
For most of the stated destroy ranges, including the 5-kilometer anti-aircraft claim, no independent verification or third-party confirmation has ever been published.
The demining function mentioned by the manufacturer appears particularly far from proven operational capability based on available evidence.
A low-cost laser that solves every aerial threat remains an appealing idea, but without proper verification, it remains a theoretical project.
Via Defender Media
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
KitchenAid has released a smart thermometer, the first from the popular cooking brand. The single probe model will retail for $100 while the dual option will cost $200. Although a maximum temperature isn’t listed in the specs, the company says that the Smart Thermometer can be used for a range of processes, including grilling, roasting, smoking, air frying and stovetop cooking.
The probes are waterproof and dishwasher safe, and when fully charged, the battery life can top out at 24 hours, so you can keep tabs even on long projects like smoking a hefty brisket. The quick-charge option can boost the probe to an extra five hours of cooking from five minutes of charging.
The KitchenAid Smart Thermometer connects to the company’s app, which offers a graph view for visualizing the cooking process, a collection of up to 20 saved cooks, and timers or alerts. Notifications can let the cook know when it’s time to take different steps in a recipe based on temperature. The probes use Bluetooth, and the Range Extender Mode can stretch the device’s 285-foot range with a second internet-connected device if needed.
KitchenAid’s offering joins several other products on the market, some from grilling-focused specialists such as Meater and ThermoWorks, and others from similarly major kitchen brands like Whirlpool, which just so happens to own KitchenAid.
Simplify your daily charging experience and replace most of the chargers and cables on your desktop. The 5-in-1 Wireless & Wired Charging Station is a compact and powerful charging station to charge all your favorite gadgets at the same time, and can also double as a bedside lamp with 3 brightness levels. Having 3 wireless charging spots, and one USB-A port, it enables charging for up to 4 devices simultaneously, including iPhone, Apple Watch, AirPods Pro, AirPods with Wireless Charging Case, other Qi-compatible Android Phones, and Bluetooth earbuds. The Apple Watch Stand is for charging any Apple Watch from Series 1 to 9. Save your workspace and charge all your favorite techs in one elegant solution. It’s on sale for $40.
Note: The Techdirt Deals Store is powered and curated by StackSocial. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
Filed Under: daily deal
Meta launched a new app on Wednesday, called Instants, that integrates with existing Instagram accounts and allows users to send unedited, disappearing photos. Instants leans into the popularity of Instagram’s Stories feature and Close Friends lists, where users can selectively share images with a smaller audience.
Instants is available as a stand-alone app on iOS and Android in select countries, and it’s accessible through Instagram’s direct messaging tab.
The core of Instants, from its name to the bare-bones layout, is designed to evoke a sense of ephemerality. Yes, it’s a conceptual clone of Snapchat, with images that disappear after viewing, which can also be unsent before the person on the other end views them. (Instagram’s Stories feature, launched a decade ago, was also influenced by Snapchat.)
Unlike Snapchat, Instants is much more focused on capturing raw moments, like the once-viral BeReal app, and doesn’t allow any filters or retouching. That’s striking for a company that helped make sepia-toned filters like Valencia household names, and is hell-bent on adding generative AI to every other corner of its apps.
Courtesy of Meta
There’s one specific kind of raw image I fully believe adult users will be sharing with their Close Friends list through Instants: dick pics.
Instagram’s Close Friends feature, which arrived in 2018, earned a reputation as a way to share thirst traps. As a gay man living in San Francisco, I’m fully aware of what I’m going to see when someone adds me to their list and posts to Close Friends. No one’s posting full hog on main—that would be blocked by Meta—but there’s plenty of skin on display in those green bubbles.
Similar to Instagram, Instants is available to teenage users. Even so, content posted on either app may feel adult in nature. While Instagram’s community guidelines ban posting most kinds of nudity, with exceptions for sculptures and breastfeeding, in practice, the main feed on my Instagram is full of ass shots—nothing frontal. Images posted on Stories just to Close Friends lists, rather than being more publicly shared, often seem to avoid the stricter moderation rules. The Instants app is governed by the same guidelines as the main Instagram app.
ScreenshotCourtesy of Meta
Productivity software maker Notion is stepping into the agentic era.
In a live-streamed product announcement on Wednesday, the company, known best for its collaborative note-taking app, introduced a new developer platform that extends the capabilities of its custom AI agents, connects with external agents, and allows teams to build automated multi-step workflows that can pull in data from any database.
By building an orchestration layer — a system that coordinates AI work across multiple tools and data sources — Notion is positioning itself as more than a note-taker with AI features and instead as a hub where people and agents can collaborate across tools and databases.
In February, Notion first launched its Custom Agents — AI teammates that handle repetitive tasks, like answering frequently asked questions, compiling status updates, and automating workflows. Since then, Notion customers have built over one million agents, the company says.
However, these agents had limitations. They couldn’t connect with external data or use custom logic. External agents that companies used also didn’t have a way to connect with the Notion workspace. Teams had to work around these problems by using third-party automation platforms or writing their own scripts that run on their own infrastructure.
“It’s true that, historically, Notion hasn’t been the most developer-focused platform,” said Ivan Zhao, Notion co-founder and CEO, during the livestream. “But things are changing.”
Now, Notion will allow teams to deploy their own custom code. With its new Workers, Notion’s cloud-based environment for running custom code, customers can write their logic and deploy it to a secure sandbox (an isolated environment that keeps the code from interfering with other systems). This allows teams to do things like sync their data into Notion, build custom tools, and trigger work with webhooks — which are automated signals that kick off actions when something happens in another app — without needing to rely on external infrastructure.
You don’t even have to write the code. The company points out that your preferred AI coding agent can do it for you.
The Workers will use the same credit system as Custom Agents, but Notion is making this free through August, so developers can experiment.
Syncing external data sources is also a part of the Notion Developer Platform. Powered by Workers, the database sync feature can pull in data from any database with an API. That means you could access data from places like Salesforce, Zendesk, Postgres, and others within your own Notion databases — and keep the data current.
Zhao noted that this means that Notion’s users can now “use your Notion database as a sheer canvas to power both your workflows and your agents.”
Workers can also build agent tools with custom logic, for those times when connecting with a third-party via MCP — short for Model Context Protocol, an emerging standard that lets AI tools connect to external data and services — isn’t enough.
Another addition allows Notion’s users to chat directly with external AI agents they use, assign them work, and track their progress, as if they were one of Notion’s own custom agents. At launch, Notion says that Claude Code, Cursor, Codex, and Decagon are supported partner agents, but it plans to add more.
There’s an External Agent API, too, if teams want to connect their own internal agents with Notion, like those they’ve built specifically for their company’s needs.
Developers and agents interact with Notion’s new Developer Platform via the Notion CLI, a command-line tool for developers, available on the company’s Business and Enterprise Plans.
The Developer Platform represents a shift in strategy for Notion as it becomes more of a programmable platform than just an application, setting it up to compete with other workflow automation platforms. As businesses increasingly look to automate knowledge work and build internal AI systems, a platform that ties together agents, custom code, and live data in one place starts to look less like a productivity app and more like core infrastructure.
It also follows the broader trend among AI companies, which have been moving beyond the AI chatbot to offer agentic tools that can take actions across different software platforms.
“Any data, any tool, any agent — that’s the big picture for the Notion Developer Platform,” Zhao said.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
Given how often we’ve seen AI-generated fake citations show up in legal filings and even legal decisions, you’d think the lesson would have sunk in by now: if you’re going to use AI to help draft something, you have to actually check what it produces. Apparently that lesson has not reached every government ministry.
Researcher Damien Charlotin was hunting for hallucinated citations using software he’d built for exactly that purpose, when he flagged something worth pausing on: South Africa’s proposed national AI policy contained at least four citations that don’t appear to exist.
The policy that contained hallucinated citations was, in part, a policy about the dangers of AI-generated misinformation.
And, days later, South Africa withdrew the proposal entirely.
South Africa has withdrawn its first draft national AI policy after revelations that it contained fictitious sources in its reference list which appeared to have been AI-generated.
“The most plausible explanation is that AI-generated citations were included without proper verification. This should not have happened,” Minister of Communications and Digital Technologies Solly Malatsi said.
“This failure is not a mere technical issue but has compromised the integrity and credibility of the draft policy,” he wrote in a post on X on Sunday.
Compromised the integrity and credibility of the policy? Bit of an understatement, I’d say.
And, look, it’s perhaps no surprise that those looking to put in place an AI policy would be using the tech themselves, but it’s difficult to think that they can regulate it well when they don’t even appear to understand how to use it well (and when not to use it at all).
Naturally, the minister’s takeaway is that the tech needs more regulation:
“This unacceptable lapse proves why vigilant human oversight over the use of artificial intelligence is critical. It’s a lesson we take with humility,” he wrote.
That really feels a lot like blaming the tech for humans making dumb decisions with the tech. He’s not wrong that we need human oversight of the tool. The power of AI tools is only recognized when they are there to assist humans, not replace them, but it’s not clear how a policy position fixes that.
To me, this is more evidence that we need to do a much better job educating people about what these tools can and can’t do. And that’s harder than it sounds, because the companies selling these products have spent years aggressively overselling what AI can do while burying the caveats about how it should actually be used. The gap between what vendors promise and what the tools actually deliver is a big part of why people keep reaching for them in exactly the wrong contexts.
Malatsi’s instinct — regulate harder — is understandable, but it addresses the wrong problem. The behavior you’re trying to regulate here isn’t malicious; it’s lazy and uninformed. Regulation is reasonably good at deterring bad intent. It has a much worse track record against ignorance. People are going to keep trying to force these tools to do things they’re not good at, regardless of what the rules say, because convenience and overconfidence are powerful forces. The better outcome comes when people learn, through repeated direct experience, that the tool fails in these situations — and when the companies selling these tools are honest about where they fail.
There are still genuinely useful ways to deploy AI, even if stories like this make people think that the tech is never good at anything. But using it to generate citations for official government policy documents, without verifying a single one, is not among them.
Of course, rather than actually dealing with any of this, expect a new crop of startups offering tools that claim to review your AI-generated content for hallucinated citations — and are just as unreliable.
Filed Under: ai policy, generative ai, hallucinations, south africa
HarrisX Poll Found 52% of Registered Voters Support the CLARITY Act
Weekend Open Thread: Marianne Dress
Upbit adds B3 Korean won pair as Base token gains Korea access
NCP car park operator enters administration putting 340 UK sites at risk of closure
Coffee Break: Travel Steam Iron
Auto Enthusiast Carves Functional Two-Stroke Engine from Solid Metal
What to Know Before Buying a Curling Wand or Curling Iron
What to expect when you’re expecting a budget
Ignore market noise, India’s long-term story intact, say D-Street bulls Ramesh Damani and Sunil Singhania
Politics Home Article | Starmer Enters The Danger Zone
GM Agrees To Pay $12.75 Million To Settle California Lawsuit Over Misuse Of Customers’ Driving Data
Simon Cowell Says He Was ‘Horrible’ To Susan Boyle During BGT Audition
Sarah Paulson Called Out For Met Gala ‘Hypocrisy’
General Hospital: Ric & Ava Bombshell – Ric’s Massive Secret Exposed!
Robinhood says Wall Street is building onchain
UEFA Champions League final schedule, teams, venue, live time and streaming | Football News
Why David Letterman Called CBS ‘Lying Weasels’
Hayden Panettiere reveals she's estranged from mom, addresses brother Jansen's sudden death: 'I was floored'
Mike Tyson speaks out on status of Floyd Mayweather fight
Paramount+’s ‘Landman’ Season 3 Gets Promising New Update From Returning Director
You must be logged in to post a comment Login