HASC Bolsters DoD Right to Repair in FY27 NDAA
- The House Armed Services Committee approved the FY27 National Defense Authorization Act following extensive deliberation.
- Key new language grants the Department of Defense default government purpose rights for technical data and software.
- This provision aims to simplify military equipment repairs by mitigating existing contractual intellectual property restrictions.
A critical SQL injection vulnerability in BerriAI's LiteLLM Python package (CVE-2026-42208) was actively exploited in the wild within 36 hours of its public disclosure, underscoring a severe and immediate threat to AI infrastructure. This rapid exploitation highlights the speed with which sophisticated threat actors can operationalize newly revealed flaws, targeting highly sensitive large language model (LLM) provider credentials and proxy configurations. The flaw allows unauthenticated attackers to potentially compromise access to cloud-grade LLM services.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urgently updated its Known Exploited Vulnerabilities (KEV) catalog, adding two critical flaws in ConnectWise ScreenConnect and Microsoft Windows. This move comes as evidence confirms active exploitation of these vulnerabilities by sophisticated threat actors, including state-sponsored groups. The update underscores the immediate imperative for organizations to patch their systems to prevent compromise.
Anthropic's new Claude Mythos Preview model has demonstrated the alarming capability to autonomously discover and weaponize software vulnerabilities, creating functional exploits without human intervention. This significant advancement in AI-driven offense has profound implications for global cybersecurity, potentially compromising critical systems and services. The limited release of Mythos has sparked debate within the security community regarding AI safety, resource constraints, and the future of vulnerability management.
Sevii has launched its new Cyber Swarm Defense (CSD) mode, an innovative solution designed to bring much-needed predictability to the escalating costs of agentic AI security. This development directly addresses a critical challenge faced by CISOs and defense budget planners: managing unpredictable expenditures associated with autonomous AI operations. By shifting from variable token-based billing to a fixed per-asset protection model, Sevii aims to stabilize cybersecurity budgets amidst a rapidly evolving threat landscape.
Over 70 new malicious extensions, clones of popular tools, have been identified on the Open VSX marketplace, signaling a significant resurgence of the GlassWorm malware. These sleeper extensions are designed to eventually deploy payloads, stealing critical credentials and sensitive information, posing an acute supply-chain threat.
A critical flaw in the VECT 2.0 ransomware's encryption process has transformed it into an indiscriminate data wiper for files exceeding 128KB, making data irrecoverable even for the attackers. This significant vulnerability means that victims of the ransomware, which recently partnered with the prolific TeamPCP threat group known for supply-chain attacks, face permanent data loss rather than a ransom demand.
Acting Navy Secretary Hung Cao has unveiled a comprehensive, albeit controversial, vision for the service, prioritizing a "Golden Fleet" of modernized vessels and reformed acquisition processes. Speaking at the Modern Day Marine exposition, Cao also detailed his desired military ethos, advocating for "alpha males and alpha females" while dismissing "cross-dressers" and "leaf eaters" as unsuitable for service.
Software-defined satellite architectures are now an operational reality, fundamentally shifting how the U.S. and allies ensure continued dominance in an increasingly contested space domain. This strategic pivot moves beyond hardware-centric orbital assets to prioritize agility, resilience, and rapid iteration against evolving threats.
Acting Secretary of the Navy Hung Cao has called for a significant overhaul of naval acquisition, emphasizing a push for new industry entrants and diversified supply chains. In his first speech since taking the post, Cao urged partners to help develop cutting-edge solutions, particularly for munitions and shipbuilding, signaling a departure from reliance on traditional major contractors.
U.S. Special Operations Command (SOCOM) is rapidly integrating artificial intelligence and autonomy across all operations, its commander, Adm. Frank “Mitch” Bradley, told lawmakers. These advanced technologies are deemed critical for battlefield sensing, continuous adversary surveillance, and projecting force, offering a distinct advantage in modern asymmetric warfare.
Acting Navy Secretary Hung Cao, swiftly appointed following his predecessor's ouster, delivered his inaugural public remarks, emphasizing a commitment to modernizing the U.S. Navy and Marine Corps. He passionately declared his intent to prevent future generations, including his own son soon to be commissioned, from experiencing the under-equipped conflicts he endured. This vision underpins his focus on accelerating defense acquisitions and fostering innovation.
A Chinese national accused of extensive state-sponsored cyber espionage has been successfully extradited from Italy to the United States to face charges. Xu Zewei, linked to the notorious Silk Typhoon APT group, is charged with hacking US universities and COVID-19 researchers on behalf of China's Ministry of State Security. This marks a significant development in the ongoing efforts to counter nation-state cyber threats.