The latest WIRED investigation sheds light on a controversial predictive policing initiative in Bristol, England. This program has employed 23 different models over the past decade with the aim of assessing the probability that certain individuals will either commit or become victims of various crimes. Utilizing data from public records requests as well as other investigative journalism, the report unveils a convoluted law enforcement system that profoundly impacts the local community, yet remains largely unknown to its residents.
In another significant cyber incident, the identities of members of Peter Thiel’s private “Dialog” group were disclosed last week, prompting the organization to claim that a “criminal” hacker orchestrated the breach. However, the evidence indicates that the personal information of members—including a White House intelligence official and an active-duty special operations officer—was publicly accessible due to a misconfiguration on the Dialog website.
On the AI front, Anthropic and the White House are in deliberations regarding the release of the latest Claude Mythos 5 and Fable 5 models. Critics of Anthropic have raised concerns about the company’s rapid accumulation of power, which it argues is essential for the safe and responsible development of AI technologies. Recently, the White House granted Anthropic permission to make Mythos 5 available again to select U.S. companies and government agencies.
Further compounding the urgency in AI security, OpenAI recently introduced an upgraded version of its limited-release GPT-5.5-Cyber model while launching “Patch the Planet,” a full-scale initiative aimed at aiding open-source projects focused on vulnerability patching. These efforts come amid escalating concerns about a potential “Chernobyl moment” as the AI arms race intensifies between the U.S. and China, with significant anxiety expressed by AI experts on both sides.
As the World Cup approaches its knockout stage, the surge in related scams continues to complicate matters for soccer fans, making fraud increasingly difficult to detect.
In security developments, LastPass has reported yet another breach, adding to its history of significant data incidents. The company notified its customers this week that their names, phone numbers, email addresses, and other sensitive information were compromised as a result of a breach at Klue, an AI business intelligence firm. Attackers gained unauthorized access to Klue’s customer tokens, enabling them to pull data from Salesforce and other integrated platforms. Notably, LastPass clarified that this breach did not affect its own infrastructure or password vaults.
Accompanying this news, John Bolton, former national security adviser, pleaded guilty to mishandling classified defense information. The plea deal, which could potentially spare him from prison, recommends a maximum sentence of five years. A decision on sentencing will take place on October 28, with Bolton required to pay a fine of $2.25 million, though he retains the option to withdraw his plea if the terms change.
This week, a joint operation led by Microsoft and Europol disrupted essential infrastructures linked to the Amadey and StealC malware, crucial components in the cybercriminal ecosystem. This initiative was part of Operation Endgame, which involved identifying and dismantling the organizational frameworks that support ransomware and other cybercrimes. The operation effectively neutralized hundreds of servers and domains, recovering substantial illicit assets, including $47 million in stolen cryptocurrency and approximately 27 million access credentials.
Moreover, Australia’s Security and Intelligence Organisation (ASIO) revealed plans to establish teams dedicated to countering state-sponsored cyber threats against critical infrastructure. ASIO indicated that it had verified the presence of nation-state actors exploiting vulnerabilities within an Australian critical infrastructure network, raising alarms about potential sabotage. The agency’s director general disclosed that malicious groups had successfully mapped the network while maintaining access to critical credentials.