THIS week's cybersecurity news from SecurityWeek covers significant topics, including:
1. **Iranian Hackers:** Suspected breaches of US gas station tank monitoring systems using unprotected devices, raising concerns about critical infrastructure safety.
2. **CISA Contractor Credential Leak:** A contractor exposed sensitive AWS GovCloud credentials on a public GitHub repository, though there's no evidence of unauthorized access reported.
3. **Anthropic's Cyber Threat Sharing:** Introduction of a feature in Mythos for users to share cyber threat information to enhance collective defense.
4. **Cloudflare's Mythos Evaluation:** Findings from testing Anthropic's model highlight both strengths in exploit chain construction and challenges with false positives.
5. **Huawei Router Outage in Luxembourg:** A zero-day vulnerability caused a telecom blackout, impacting emergency services for several hours.
6. **Funding for NanoCo:** The company has raised $12 million for its AI assistant, NanoClaw.
7. **Exploited Industrial Router Flaw:** A surge in exploitation of a vulnerability in Four-Faith routers has been noted, with attackers creating botnets.
8. **Patriot Bait Campaign:** An individual ran a sophisticated five-year influence and fraud scheme using AI tools.
9. **Open WebUI Vulnerability:** A high-severity SSRF flaw discovered in Open WebUI that could allow unauthorized access to internal resources.
10. **CISA's New Submission Form:** For crowdsourcing reports of known exploited vulnerabilities, aimed at enhancing their catalog for quicker updates.