Cybersecurity Headlines

Feds require Anthropic to ban 'foreign national' access to Fable, Mythos
Maine disables data breach notification portal after fake disclosures
ShinyHunters extorts universities through exploiting an unpatched Oracle flaw
Get the show notes here:
Huge thanks to our sponsor, ThreatLocker

Every security leader is being asked the same question right now:
How do we enable innovation without creating unnecessary risk?
That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision.
ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do.
That's why ThreatLocker is proud to support Cyber Security Headlines.
Because security works best when innovation and control move together.

This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation.

Missed the live show? Check it out on YouTube.

The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.

Huge thanks to our episode sponsor, Doppel

Cybercriminals don't respect your security silos. They use one connected attack chain to hit your brand externally, infiltrate your inbox, and manipulate your team. Stop playing whack-a-mole with fragmented tools. Doppel unifies Digital Risk Protection, Human Risk Management, and Email Security into one unified platform. One attack chain. Three pillars of defense. Zero blind spots. Secure your enterprise relentlessly at doppel.com.

Fortinet patches a new critical FortiSandbox flaw
GitHub to disable npm install scripts by default to stop supply chain attacks
Nottingham University announces data breach
Get the show notes here: https://cisoseries.com/cybersecurity-news-fortinet-patches-fortisandbox-github-disables-npm-scripts-nottingham-university-breach/
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Patch Tuesday for the books
'Nightmare Eclipse' drops Windows 0-day
Claude Fable restricted at Microsoft
Get the show notes here: https://cisoseries.com/cybersecurity-news-big-patch-tuesday-nightmare-eclipse-drops-windows-0-day-claude-fable-restricted-at-microsoft/
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Anthropic releases Claude Fable 5
French government messaging service breached
CISA rethinking risk evaluations
Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-fable-5-tchap-hacked-cisa-priorities/ 
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.