Numbers Don't Lie: Anthropic Is Top Gun in AI Model Showdown

Michael Novinson • May 29, 2026

Anthropic's new $965 billion Series H valuation, growing use of Claude for AI coding and an increasing share of the enterprise AI market indicates OpenAI's early lead in frontier models has disappeared as customers have shifted their spending, workloads and token usage to Anthropic.

Agentic AI

Socket Raises $60M for Wider Software Supply-Chain Defense

Latest

Fraud Management & Cybercrime

Chinese Phishing Service Scams Thousands of FIFA World Cup Fans

Tiffany Wang • May 29, 2026

A Chinese-language phishing-as-a-service platform scammed between $470 million to $1 billion from soccer fans ahead of the 2026 FIFA World Cup starting next month. The financially motivated operator Domain-by-domain takedowns will not stop this, warned Group-IB.

Data Privacy

23andMe Failed to Stop Months-Long Hack, State Alleges

Marianne Kolbasuk McGee • May 29, 2026

Hackers in 2023 went undetected for five months in genetics testing firm 23andMe's IT systems, despite multiple unheeded warning signs, alleges California's attorney general in a lawsuit. Hackers in late April 2023 began accessing 23andMe’s systems by using compromised credentials.

Governance & Risk Management

NIST Rebrands AI Consortium, Ditches 'Safety' From Name

Chris Riotta • May 29, 2026

The U.S. National Institute of Standards and Technology is expanding one of its largest artificial intelligence initiatives, rebranding the AI Safety Institute Consortium and reopening participation as the Trump administration pushes a more industry-focused approach to AI development and governance.

Critical Infrastructure Security

CISA Town Halls Set Final Stage for CIRCIA Debate

Chris Riotta • May 29, 2026

The Cybersecurity and Infrastructure Security Agency's June town halls will give critical infrastructure operators a final opportunity to influence how the agency defines covered entities, reportable incidents and compliance requirements before issuing long-awaited CIRCIA regulations.

Agentic AI

ISMG Editors: Are We Ready for a Post-Mythos Security World?

Anna Delaney • May 29, 2026

In this week's panel, four ISMG editors discussed what Anthropic's controversial Mythos AI model signals for the future of cybersecurity, whether security operations can keep pace with AI-speed threats, and why firms are suddenly scrambling for visibility and governance related to employee AI usage.

AI-Powered SASE

AI-Driven Bug Tsunami Prompts Exploitability Questions

Mathew J. Schwartz • May 29, 2026

If there's one thing artificial intelligence has done, it's multiply bugs, and the annual CVE Program count of new vulnerabilities is set to break records. Less apparent is how many of those AI-ferreted vulnerabilities can be turned into high-impact exploit chains - if they're exploitable at all.

Artificial Intelligence & Machine Learning

AI Is Making Decisions. Who's Owning Them?

Suparna Goswami • May 29, 2026

Traditional governance, risk and compliance principles still hold, but periodic, checklist-driven governance is a dangerous mismatch for AI systems that continuously evolve and make millions of decisions per second, said Nancy Paul of GSK.

Governance & Risk Management

Microsoft Threatens Legal Action Over Zero-Day Leaks

Tiffany Wang • May 28, 2026

Microsoft is pursuing legal action after a researcher publicly released six Windows zero-days and exploit code following a breakdown in coordinated disclosure talks, escalating tensions over vulnerability disclosure, platform moderation and protections for independent security researchers.

Cybercrime

Romanian Access Broker Sentenced in Oregon Network Intrusion

Greg Sirico • May 28, 2026

The Romanian hacker who in 2021 sold on a hacking forum online credentials to the Oregon disaster management agency received a four year federal prison sentence.

Healthcare

Connecticut Medicaid Portal Hack Affects Thousands

Marianne Kolbasuk McGee • May 28, 2026

A hack on a Connecticut Medicaid web portal involving compromised credentials of a healthcare provider has affected the payment account and other information for about 22,500 patients. The data theft is the latest breach involving a healthcare related web portal hack. Why does this keep happening?

Artificial Intelligence & Machine Learning

Colorado Rolls Back Landmark AI Governance Law

Chris Riotta • May 28, 2026

Colorado lawmakers scaled back what was once considered the nation's most aggressive state artificial intelligence governance law, narrowing its scope and delaying enforcement another year after months of pressure from businesses and technology groups.

Cybercrime

Breach Roundup: US Troops Tracked With Cell Phone Data

Pooja Tikekar • May 28, 2026

This week, active duty troops tracked, Kali365 bypassed MFA, Australian lawmakers phished on WhatsApp, Silent Ransom escalated IT scams, Lithuania and German hospitals disclosed breaches, pro-Russian infrastructure providers arrested, CISA warned of active LiteSpeed exploitation.