Cybersecurity Headlines

New OpenAI cyber product, unauthorized Mythos access, insurers to cap LLMjacking payouts

7 min
Apr 23, 2026
Summary

This episode covers OpenAI's new GPT 5.4 cyber model rollout to government agencies, unauthorized access to Anthropic's Mythos vulnerability-finding model, and insurers capping payouts for AI-related cyber incidents like LLM jacking. Additional stories include a dismantled manga piracy platform, NCSC's SilentGlass HDMI security device, North Korean supply chain attacks using fake job offers, and a new Kyber ransomware variant experimenting with post-quantum encryption.

Insights
  • AI security models designed to find vulnerabilities are becoming high-value targets for unauthorized access, creating a paradox where security tools themselves become security risks
  • Insurance industry is preemptively restricting coverage for emerging AI threats before the threat landscape fully materializes, potentially leaving enterprises underprotected
  • Post-quantum cryptography adoption by threat actors appears premature and doesn't materially improve attack outcomes, suggesting it's being used for marketing or future-proofing rather than tactical advantage
  • Supply chain attacks are evolving to weaponize legitimate development tools and workflows, making traditional code review and repository security insufficient
  • Physical security vectors like monitor connections remain exploitable and underprotected despite being well-understood attack surfaces
Trends
  • AI model access control becoming critical security concern as capabilities expand
  • Insurance industry moving to narrow AI-related cyber coverage through sublimits and exclusions
  • Post-quantum cryptography experimentation by threat actors ahead of quantum threat materialization
  • Supply chain attacks leveraging fake recruitment and developer social engineering
  • Physical security devices gaining commercial availability after government deployment
  • Vulnerability-finding AI models being restricted to limited organizations due to dual-use concerns
  • North Korean threat actors expanding into open source ecosystem targeting
  • Ransomware operators coordinating multi-platform attacks across Windows and VMware ESXi
Companies
OpenAI
Briefing 50+ U.S. federal and Five Eyes agencies on new GPT 5.4 cyber model through controlled tiered access program
Anthropic
Mythos vulnerability-finding model experienced unauthorized access by third-party contractor group via URL guessing
Mozilla
Used Mythos model to identify 271 bugs in Firefox 150, demonstrating faster vulnerability discovery than manual methods
QBE Insurance
Moving to cap payouts for AI-related cyber incidents including LLM jacking through sublimits on coverage
Beazley
Implementing sublimits on AI-related cyber incident coverage alongside other major insurers
National Cyber Security Centre
Unveiled SilentGlass plug-in device at Cyber UK to secure HDMI and DisplayPort connections against malicious signals
Goldilocks Labs
Co-developed SilentGlass device with NCSC and Sony UK for securing monitor connections
Sony UK
Co-developed SilentGlass device with NCSC and Goldilocks Labs for commercial deployment
Trend Micro
Researched North Korean Void Dokkaebi group's self-propagating supply chain attacks using fake job offers
Rapid7
Analyzed new Kyber ransomware operation targeting Windows and VMware ESXi with post-quantum cryptography experimentation
Socket
Identified compromised Checkmarx KICS Docker images and VS Code extensions enabling data exfiltration
Checkmarx
Supply chain compromised with malicious code injected into KICS Docker images and VS Code extensions
People
Sarah Lane
Hosted and reported the cybersecurity headlines episode
Quotes
"The model is being offered through a tiered trusted access program with vetting similar to commercial users, alongside a more restricted version with stronger safeguards"
Sarah Lane~1:30
"All of the bugs could have also been found by a human. Mythos simply found them faster"
Sarah Lane~4:00
"Researchers note the use of post-quantum methods doesn't materially change outcomes for victims"
Sarah Lane~13:30
"The incident likely spans multiple distribution channels, advising organizations to treat any credentials exposed through impacted scans as compromised"
Sarah Lane~15:45
Full Transcript
From the CISO Series, it's Cybersecurity Headlines. These are the cybersecurity headlines for Thursday, April 23rd, 2026. I'm Sarah Lane.

OpenAI shares cyber product with government orgs. Axios reports that OpenAI has been briefing U.S. federal agencies, state governments, and Five Eyes allies on its new GPT 5.4 cyber model, demonstrating its capabilities to more than 50 government cyber practitioners as part of a controlled rollout. The model is being offered through a tiered trusted access program with vetting similar to commercial users, alongside a more restricted version with stronger safeguards. The push comes as Anthropic tests its competing Mythos model with select organizations.

Unauthorized Mythos access. Firefox bugs fixed by Mythos. Speaking of Anthropic, a couple different Mythos stories today. Bloomberg reports a small group of unauthorized users claimed in a private Discord that they were able to access Anthropic's Mythos model, which had been limited to 40 organizations because of its reported ability to find or exploit security vulnerabilities. One member of the group works for a third-party contractor for Anthropic. They combine that access and other information that they gathered, like guessing the URL based on how Anthropic formats them. Anthropic is investigating the report and says it has no evidence that the access went beyond a third-party vendor's environment. Meanwhile, Mozilla said it used Mythos to look for bugs in Firefox 150, and it found 271 of them. All of the bugs could have also been found by a human. Mythos simply found them faster.

Insurers move to cap LLM jacking cyber payouts. The Financial Times reports insurers including QBE Insurance and Beazley are moving to cap payouts for AI-related cyber incidents, introducing sublimits that significantly restrict coverage for risks like LLM jacking. That's where attackers exploit enterprise AI systems to avoid usage fees. Brokers and legal experts warn the changes could narrow protection across a broader range of emerging AI threats, even as insurers argue they are clarifying coverage rather than reducing it.

Spain dismantles manga piracy platform. Spanish police have dismantled a major Spanish-language manga piracy platform operating since 2014, arresting four people and seizing infrastructure that supported millions of monthly users. Authorities say the site generated more than $4.7 million in ad revenue, including some pornographic pop-ups, while also uncovering hidden cryptocurrency wallets holding about $470,000. The takedown is part of a broader crackdown on large-scale piracy operations that authorities say have caused significant financial and reputational damages to publishers and the wider cultural industry.

Huge thanks to our sponsor, ThreatLocker. ThreatLocker is extending zero trust beyond endpoint control with their recent release of Zero Trust Network Access and Zero Trust Cloud Access. Access isn't based on credentials alone. It requires the right user, the right device, and the right conditions, because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker slash CISO.

NCSC unveils SilentGlass. The National Cyber Security Centre announced SilentGlass at Cyber UK, a plug-in device designed to secure HDMI and DisplayPort connections by blocking malicious or unexpected signals between computers and monitors. The device is already deployed in government environments and targets an attack vector where monitors can be exploited to access sensitive data or infiltrate networks. Developed with Goldilocks Labs and Sony UK, SilentGlass is now commercially available.

Contagious Interview scams self-propagate. According to research from Trend Micro, North Korean threat actors are evolving the Contagious Interview scam into a self-propagating supply chain attack using fake job offers to trick developers into running compromised code that spreads malware through repositories. The campaign is being attributed to the group Void Dokkaebi and uses malicious VS Code tasks and hidden repository files to deploy RATs, steal credentials, and infect downstream projects when code is shared. This can rapidly cascade across open source and enterprise environments, with more than 750 infected repositories now identified.

Kyber gang toys with Windows post-quantum encryption. A new Kyber ransomware operation is targeting Windows and VMware ESXi systems, with one variant experimenting with post-quantum cryptography, according to analysis from Rapid7. Researchers found the Windows version uses Kyber 1024 for key protection alongside traditional encryption, while the ESXi variant falsely claims post-quantum capabilities and relies on standard algorithms. Both strains are deployed together to maximize impact, aggressively encrypting data, deleting backups, and disrupting recovery. Researchers note the use of post-quantum methods doesn't materially change outcomes for victims.

Compromised KICS images and extensions hit Checkmarx. Socket researchers report threat actors compromised the Checkmarx supply chain by injecting malicious code into its KICS, or "kicks", Docker images and related Visual Studio Code extensions. The tampered images enabled data collection and exfiltration of sensitive scan results, while affected VS Code extensions downloaded and executed remote code without verification. Researchers warned the incident likely spans multiple distribution channels, advising organizations to treat any credentials exposed through impacted scans as compromised.

Far too many vendor demos are falling short on just delivering the basics of what a security professional expects to see. Isn't the point of a vendor demo to get the potential buyer interested in the product? That is what we're discussing on this week's episode of Defense in Depth. Look for the episode, What Makes a Successful Security Vendor Demo, wherever you get your podcasts. If you have some thoughts on our news from today or about the show in general, be sure to reach out to us at feedback at CISOseries.com. We always want to hear from you. I am Sarah Lane reporting for the CISO Series. Thanks for listening, and we'll talk to you tomorrow. Cybersecurity Headlines are available every weekday. Head to CISOseries.com for the full stories behind the headlines.