SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape.
This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.
Here are this week’s highlights:
Fed officials discuss Anthropic’s Mythos AI with major US banks
Fed Chair Jerome Powell and Treasury Secretary Scott Bessent met with the heads of major US banks this week to discuss the possible cyber risks raised by Anthropic’s new Mythos model that was announced earlier this week, CNBC reported Friday. Mythos is Anthropic’s most powerful frontier AI model to date, a high-reasoning system with such advanced autonomous cybersecurity and exploit-chaining capabilities that it is currently restricted to a select group of partners under an initiative called Project Glasswing.
New Mac stealer targets cryptocurrency wallets
A hacker who stormed off a major underground forum in 2023 came back in 2024 under a new alias, and by early 2026 had delivered on a promise: a sophisticated macOS stealer called NotnullOSX that exclusively targets victims holding over $10,000 in crypto. The malware, first detected on March 30, 2026 in Vietnam, Taiwan, and Spain, spreads through fake Google documents and malicious DMG files, tricking users into handing over Full Disk Access, which gives it a free pass to iMessages, Apple Notes, browser credentials, and crypto wallets with no additional prompts.
Major Japanese brands unite to boost cybersecurity
Ten leading Japanese corporations, including Suntory, Kao, Asahi, and NTT, are establishing a joint organization to share intelligence on cyber threats and develop specialized security talent. This collaborative effort follows a significant breach at Asahi last September that disrupted shipments and exposed vulnerabilities in interconnected food and retail networks.
Legal giant Jones Day targeted by cybercrime group
The Silent Ransom Group used social engineering tactics to infiltrate Jones Day, successfully accessing records belonging to 10 of the law firm’s clients. The threat actors, who also operate under the name Luna Moth, reportedly leaked sensitive documents and internal negotiation logs after the firm refused to meet a $13 million ransom demand.
Spyware maker receives lenient sentence
Bryan Fleming, the founder of the surveillance tool pcTattletale, was sentenced to time served and a $5,000 fine for producing software that allowed users to secretly monitor victims. This case marks the first federal conviction of a spyware operator in more than a decade and signals a potential shift in how the government prosecutes creators of intrusive tracking technology. Although Fleming’s software facilitated illegal surveillance and suffered a massive data leak before shutting down, he will not face any additional prison time.
Legal tech firm DocketWise reports major breach
Austin-based DocketWise, an immigration and case management platform for legal professionals, confirmed a data security incident that exposed the personal information of 116,000 individuals. The breach, discovered in October 2025, involved unauthorized access to credentials for a third-party repository containing unstructured law firm client data.
Cloudflare speeds up post-quantum transition
Cloudflare has moved its full post-quantum security deadline to 2029, a shift prompted by Google’s recent revelation that it significantly enhanced quantum algorithms capable of breaking current encryption. The tech giant also prioritized quantum-secure authentication after research from Oratomic suggested that neutral atom computers could crack RSA-2048 and P-256 with far fewer qubits than previously estimated. By accelerating its roadmap, Cloudflare aims to implement advanced authentication across its entire suite.
HackerOne halts new IBB submissions to recalibrate for AI era
The Internet Bug Bounty (IBB) program has officially paused new vulnerability submissions as of March 27, 2026, due to an influx of AI-assisted security research. Program organizers noted that the speed and volume of discoveries generated by artificial intelligence have overwhelmed the open source community’s capacity to provide timely remediations. While current reports will still be processed, HackerOne intends to restructure the program’s incentives to better balance finding flaws with successfully fixing them.
Researcher leaks Windows zero-day following dispute with Microsoft
A researcher has released a Windows zero-day exploit dubbed BlueHammer that leverages a race condition in Microsoft Defender to grant attackers full SYSTEM privileges. The privilege escalation flaw was disclosed following a breakdown in communication with Microsoft, with the researcher citing frustration with the company’s handling of the bug report. Microsoft has yet to release a patch or assign a CVE.
Hacker claims massive breach of China supercomputing center
A hacker operating under the alias FlamingChina claims to have accessed the National Supercomputing Center in Tianjin via a compromised VPN and used a botnet to quietly extract over 10 petabytes of data over six months. Samples posted on Telegram in February 2026 include documents marked ‘secret’, as well as technical files, simulations, and renderings of defense equipment, such as bombs and missiles. The hacker is attempting to sell the data, offering limited previews for thousands of dollars and full access for hundreds of thousands, payable in cryptocurrency. While some experts who reviewed the samples called them authentic, others have questioned the hacker’s claims.
Stryker confirms financial hit following cyberattack
Stryker confirmed that a March 2026 cybersecurity incident caused significant operational disruptions that will materially impact its first-quarter financial results. While the company has restored its global manufacturing and distribution systems, the investigation into the full extent of the data breach and its regulatory implications remains ongoing. Despite the short-term earnings dip, the medical device manufacturer expects to maintain its full-year financial guidance as it works with law enforcement and security experts to finalize recovery efforts.
Related: In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
Related: In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
