Bruce Schneier – Page 4 – WindowsTechs.com

How Dangerous Is Anthropic’s Mythos AI?

Posted on May 14, 2026 by Bruce Schneier

Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public. Instead, it would only be available to a select group of companies to scan and fix their own software.

The announcement requires context—but it contained an essential truth.

While Anthropic’s model is really good at finding software vulnerabilities, so are other models. The UK’s AI Security Institute found that OpenAI’s GPT-5.5, already generally available, is comparable in capability. The company Aisle …

Continue reading How Dangerous Is Anthropic’s Mythos AI?→

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities

Posted on May 13, 2026 by Bruce Schneier

The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is generally available.
Here is the Institute’s evaluation of My… Continue reading OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities→

Copy.Fail Linux Vulnerability

Posted on May 12, 2026 by Bruce Schneier

This is the worst Linux vulnerability in years.

TL;DR

copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC.

It abuses the kernel crypto API (AF_ALG sockets) plus splice() to write four bytes at a time straight into the page cache of a file the attacker does not own.

The exploit works unmodified across Ubuntu, RHEL, Debian, SUSE, Amazon Linux, Fedora and most others. No race condition, no per-distro offsets.

The file on disk is never modified. AIDE, Tripwire and checksum-based monitoring see nothing.
…

Continue reading Copy.Fail Linux Vulnerability→

LLMs and Text-in-Text Steganography

Posted on May 11, 2026 by Bruce Schneier

Turns out that LLMs are really good at hiding text messages in other text messages.
Continue reading LLMs and Text-in-Text Steganography→

Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

Posted on May 8, 2026 by Bruce Schneier

Evidence of them has been found by analyzing DNA in the seawater.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Blog moderation policy.
Continue reading Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia→

Insider Betting on Polymarket

Posted on May 8, 2026 by Bruce Schneier

Insider trading is rife on Polymarket:

Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—defined as wagers of $2,500 or more at odds of 35 percent or less—on the platform had an average win rate of around 52 percent in markets on military and defense actions.

That compares with a win rate of 25 percent across all politics-focused markets and just 14 percent for all markets on the platform as a whole.

It is absolutely insane that this is legal. We already know how insider betting warps sports. Insider betting warping politics—and military actions—is orders of magnitude worse…

Continue reading Insider Betting on Polymarket→

Smart Glasses for the Authorities

Posted on May 7, 2026 by Bruce Schneier

ICE is developing its own version of smart glasses, with facial recognition tied to various databases.
Continue reading Smart Glasses for the Authorities→

Rowhammer Attack Against NVIDIA Chips

Posted on May 6, 2026 by Bruce Schneier

A new rowhammer attack gives complete control of NVIDIA CPUs.

On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—and potentially much more consequential—territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system compromise of the host machine. For the attack to work, IOMMU memory management must be disabled, as is the default in BIOS settings.

“Our work shows that Rowhammer, which is well-studied on CPUs, is a serious threat on GPUs as well,” said Andrew Kwong, co-author of one of the papers. “…

Continue reading Rowhammer Attack Against NVIDIA Chips→

DarkSword Malware

Posted on May 5, 2026 by Bruce Schneier

DarkSword is a sophisticated piece of malware—probably government designed—that targets iOS.

Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in recovered payloads, we believe the exploit chain to be called DarkSword. Since at least November 2025, GTIG has observed multiple commercial surveillance vendors and suspected state-sponsored actors utilizing DarkSword in distinct campaigns. These threat actors have deployed the exploit chain against targets in Saudi Arabia, Turkey, Malaysia, and Ukraine…

Continue reading DarkSword Malware→

Hacking Polymarket

Posted on May 4, 2026 by Bruce Schneier

Polymarket is a platform where people can bet on real-world events, political and otherwise. Leaving the ethical considerations of this aside (for one, it facilitates assassination), one of the issues with making this work is the verification of these … Continue reading Hacking Polymarket→