President Donald Trump signed an executive order Friday that revises and rolls back cybersecurity policies set in place by his Democratic predecessors, Barack Obama and Joe Biden. In a White House fact sheet, the administration claims that Biden’s Executive Order 14144 — signed days before the end of his presidency — was an attempt “to sneak problematic and distracting issues into cybersecurity policy.” Among other things, Biden’s order encouraged agencies to “consider accepting digital identity documents” when public benefit programs require ID. Trump struck that part of the order, with the White House now saying this approach risks “widespread abuse by enabling illegal immigrants to improperly access public benefits.” However, Mark Montgomery, senior director of the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, told Politico that “the fixation on revoking digital ID mandates is prioritizing questionable immigration benefits over proven cybersecurity benefits.”  On AI, Trump removed Biden’s requirements around testing the use of AI to defend energy infrastructure, funding federal research programs around AI security, and directing the Pentagon to “use AI models for cyber security.” The White House describes its moves on AI as refocusing AI cybersecurity strategy “towards identifying and managing vulnerabilities, rather than censorship.” (Trump’s Silicon Valley allies have complained repeatedly about the threat of AI “censorship.”) Trump’s order also removed requirements that agencies start using quantum-resistant encryption “as soon as practicable.” And it removed requirements that federal contractors attest to the security of their software — the White House describes those requirements as “unproven and burdensome software accounting processes that prioritized compliance checklists over genuine security investments.” Techcrunch event Save $200+ on your TechCrunch All Stage pass Build smarter. Scale faster. Connect deeper. Join visionaries from Precursor Ventures, NEA, Index Ventures, Underscore VC, and beyond for a day packed with strategies, workshops, and meaningful connections. Save $200+ on your TechCrunch All Stage pass Build smarter. Scale faster. Connect deeper. Join visionaries from Precursor Ventures, NEA, Index Ventures, Underscore VC, and beyond for a day packed with strategies, workshops, and meaningful connections. Boston, MA | July 15 REGISTER NOW Going back even further, Trump’s executive order repeals Obama’s policies around sanctions for cybersecurity attacks on the United States; those sanctions can now only be applied to “foreign malicious actors.” The White House says this will will prevent “misuse against domestic political opponents” and clarify that “sanctions do not apply to election-related activities.”

Anthropic has unveiled a custom collection of Claude AI models designed for US national security customers. The announcement represents a potential milestone in the application of AI within classified government environments. The ‘Claude Gov’ models have already been deployed by agencies operating at the highest levels of US national security, with access strictly limited to those working within such classified environments. Anthropic says these Claude Gov models emerged from extensive collaboration with government customers to address real-world operational requirements. Despite being tailored for national security applications, Anthropic maintains that these models underwent the same rigorous safety testing as other Claude models in their portfolio. Specialised AI capabilities for national security The specialised models deliver improved performance across several critical areas for government operations. They feature enhanced handling of classified materials, with fewer instances where the AI refuses to engage with sensitive information—a common frustration in secure environments. Additional improvements include better comprehension of documents within intelligence and defence contexts, enhanced proficiency in languages crucial to national security operations, and superior interpretation of complex cybersecurity data for intelligence analysis. However, this announcement arrives amid ongoing debates about AI regulation in the US. Anthropic CEO Dario Amodei recently expressed concerns about proposed legislation that would grant a decade-long freeze on state regulation of AI. Balancing innovation with regulation In a guest essay published in The New York Times this week, Amodei advocated for transparency rules rather than regulatory moratoriums. He detailed internal evaluations revealing concerning behaviours in advanced AI models, including an instance where Anthropic’s newest model threatened to expose a user’s private emails unless a shutdown plan was cancelled. Amodei compared AI safety testing to wind tunnel trials for aircraft designed to expose defects before public release, emphasising that safety teams must detect and block risks proactively. Anthropic has positioned itself as an advocate for responsible AI development. Under its Responsible Scaling Policy, the company already shares details about testing methods, risk-mitigation steps, and release criteria—practices Amodei believes should become standard across the industry. He suggests that formalising similar practices industry-wide would enable both the public and legislators to monitor capability improvements and determine whether additional regulatory action becomes necessary. Implications of AI in national security The deployment of advanced models within national security contexts raises important questions about the role of AI in intelligence gathering, strategic planning, and defence operations. Amodei has expressed support for export controls on advanced chips and the military adoption of trusted systems to counter rivals like China, indicating Anthropic’s awareness of the geopolitical implications of AI technology. The Claude Gov models could potentially serve numerous applications for national security, from strategic planning and operational support to intelligence analysis and threat assessment—all within the framework of Anthropic’s stated commitment to responsible AI development. Regulatory landscape As Anthropic rolls out these specialised models for government use, the broader regulatory environment for AI remains in flux. The Senate is currently considering language that would institute a moratorium on state-level AI regulation, with hearings planned before voting on the broader technology measure. Amodei has suggested that states could adopt narrow disclosure rules that defer to a future federal framework, with a supremacy clause eventually preempting state measures to preserve uniformity without halting near-term local action. This approach would allow for some immediate regulatory protection while working toward a comprehensive national standard. As these technologies become more deeply integrated into national security operations, questions of safety, oversight, and appropriate use will remain at the forefront of both policy discussions and public debate. For Anthropic, the challenge will be maintaining its commitment to responsible AI development while meeting the specialised needs of government customers for crtitical applications such as national security. (Image credit: Anthropic) See also: Reddit sues Anthropic over AI data scraping Want to learn more about AI and big data from industry leaders? Check out AI & Big Data Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including Intelligent Automation Conference, BlockX, Digital Transformation Week, and Cyber Security & Cloud Expo. Explore other upcoming enterprise technology events and webinars powered by TechForge here. The post Anthropic launches Claude AI models for US national security appeared first on AI News.

This audio is auto-generated. Please let us know if you have feedback. President Donald Trump signed an executive order (EO) Friday that scratched or revised several of his Democratic predecessors’ major cybersecurity initiatives. “Just days before President Trump took office, the Biden Administration attempted to sneak problematic and distracting issues into cybersecurity policy,” the White House said in a fact sheet about Trump’s new directive, referring to projects that Biden launched with his Jan. 15 executive order. Trump’s new EO eliminates those projects, which would have required software vendors to prove their compliance with new federal security standards, prioritized research and testing of artificial intelligence for cyber defense and accelerated the rollout of encryption that withstands the future code-cracking powers of quantum computers. “President Trump has made it clear that this Administration will do what it takes to make America cyber secure,” the White House said in its fact sheet, “including focusing relentlessly on technical and organizational professionalism to improve the security and resilience of the nation’s information systems and networks.” Major cyber regulation shift Trump’s elimination of Biden’s software security requirements for federal contractors represents a significant government reversal on cyber regulation. Following years of major cyberattacks linked to insecure software, the Biden administration sought to use federal procurement power to improve the software industry’s practices. That effort began with Biden’s 2021 cyber order and gained strength in 2024, and then Biden officials tried to add teeth to the initiative before leaving office in January. But as it eliminated that project on Friday, the Trump administration castigated Biden’s efforts as “imposing unproven and burdensome software accounting processes that prioritized compliance checklists over genuine security investments.” Trump’s order eliminates provisions from Biden’s directive that would have required federal contractors to submit “secure software development attestations,” along with technical data to back up those attestations. Also now eradicated are provisions that would have required the Cybersecurity and Infrastructure Security Agency to verify vendors’ attestations, required the Office of the National Cyber Director to publish the results of those reviews and encouraged ONCD to refer companies whose attestations fail a review to the Justice Department “for action as appropriate.” Trump’s order leaves in place a National Institute of Standards and Technology collaboration with industry to update NIST’s Software Software Development Framework, but it eliminates parts of Biden’s order that would have incorporated those SSDF updates into security requirements for federal vendors. In a related move, Trump eliminated provisions of his predecessor’s order that would have required NIST to “issue guidance identifying minimum cybersecurity practices” (based on a review of globally accepted standards) and required federal contractors to follow those practices. AI security cut Trump also took an axe to Biden requirements related to AI and its ability to help repel cyberattacks. He scrapped a Biden initiative to test AI’s power to “enhance cyber defense of critical infrastructure in the energy sector,” as well as one that would have directed federal research programs to prioritize topics like the security of AI-powered coding and “methods for designing secure AI systems.” The EO also killed a provision would have required the Pentagon to “use advanced AI models for cyber defense.” On quantum computing, Trump’s directive significantly pares back Biden’s attempts to accelerate the government’s adoption of post-quantum cryptography. Biden told agencies to start using quantum-resistant encryption “as soon as practicable” and to start requiring vendors to use it when technologically possible. Trump eliminated those requirements, leaving only a Biden requirement that CISA maintain “a list of product categories in which products that support post-quantum cryptography … are widely available.” Trump also eliminated instructions for the departments of State and Commerce to encourage key foreign allies and overseas industries to adopt NIST’s PQC algorithms. The EO dropped many other provisions of Biden’s January directive, including one requiring agencies to start testing phishing-resistant authentication technologies, one requiring NIST to advise other agencies on internet routing security and one requiring agencies to use strong email encryption. Trump also cut language directing the Office of Management and Budget to advise agencies on addressing risks related to IT vendor concentration. In his January order, Biden ordered agencies to explore and encourage the use of digital identity documents to prevent fraud, including in public benefits programs. Trump eliminated those initiatives, calling them “inappropriate.”  Trump also tweaked the language of Obama-era sanctions authorities targeting people involved in cyberattacks on the U.S., specifying that the Treasury Department can only sanction foreigners for these activities. The White House said Trump’s change would prevent the power’s “misuse against domestic political opponents.” Amid the whirlwind of changes, Trump left one major Biden-era cyber program intact: a Federal Communications Commission project, modeled on the Energy Star program, that will apply government seals of approval to technology products that undergo security testing by federally accredited labs. Trump preserved the language in Biden’s order that requires companies selling internet-of-things devices to the federal government to go through the FCC program by January 2027.

Jun 06, 2025The Hacker NewsMalware / Endpoint Security Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. The campaign, according to CloudSEK, has been found to leverage typosquat domains mimicking U.S.-based telecom provider Spectrum. "macOS users are served a malicious shell script designed to steal system passwords and download an AMOS variant for further exploitation," security researcher Koushik Pal said in a report published this week. "The script uses native macOS commands to harvest credentials, bypass security mechanisms, and execute malicious binaries." It's believed that the activity is the work of Russian-speaking cybercriminals owing to the presence of Russian language comments in the malware's source code. The starting point of the attack is a web page that impersonates Spectrum ("panel-spectrum[.]net" or "spectrum-ticket[.]net"). Visitors to the sites in question are served a message that instructs them to complete a hCaptcha verification check to in order to "review the security" of their connection before proceeding further. However, when the user clicks the "I am human" checkbox for evaluation, they are displayed an error message stating "CAPTCHA verification failed," urging them to click a button to go ahead with an "Alternative Verification." Doing so causes a command to be copied to the users' clipboard and the victim is shown a set of instructions depending on their operating system. While they are guided to run a PowerShell command on Windows by opening the Windows Run dialog, it's substituted by a shell script that's executed by launching the Terminal app on macOS. The shell script, for its part, prompts users to enter their system password and downloads a next-stage payload, in this case, a known stealer called Atomic Stealer. "Poorly implemented logic in the delivery sites, such as mismatched instructions across platforms, points to hastily assembled infrastructure," Pal said. "The delivery pages in question for this AMOS variant campaign contained inaccuracies in both its programming and front-end logic. For Linux user agents, a PowerShell command was copied. Furthermore, the instruction 'Press & hold the Windows Key + R' was displayed to both Windows and Mac users." The disclosure comes amid a surge in campaigns using the ClickFix tactic to deliver a wide range of malware families over the past year. "Actors carrying out these targeted attacks typically utilize similar techniques, tools, and procedures (TTPs) to gain initial access," Darktrace said. "These include spear phishing attacks, drive-by compromises, or exploiting trust in familiar online platforms, such as GitHub, to deliver malicious payloads." The links distributed using these vectors typically redirect the end user to a malicious URL that displays a fake CAPTCHA verification check in an attempt to deceive users into thinking that they are carrying out something innocuous, when, in reality, they are guided to execute malicious commands to fix a non-existent issue. The end result of this effective social engineering method is that users end up compromising their own systems, enabling threat actors to bypass security controls. The cybersecurity company said it identified multiple ClickFix attacks across customer environments in Europe, the Middle East, and Africa (EMEA), and in the United States. And these campaigns are gaining steam, adopting several variations but operating with the same end goal of delivering malicious payloads, ranging from trojans to stealers to ransomware. Earlier this week, Cofense outlined an email phishing campaign that spoofs Booking.com, targeting hotel chains and the food services sector with fake CAPTCHAs that lead to XWorm RAT, PureLogs Stealer, and DanaBot. The fact that ClickFix is flexible and easy to adapt makes it an attractive malware distribution mechanism. "While the exact email structure varies from sample to sample, these campaigns generally provide Booking[.]com-spoofing emails with embedded links to a ClickFix fake CAPTCHA site which is used to deliver a malicious script that runs RATs and/or information stealers," Cofense said. The email security firm said it has also observed ClickFix samples mimicking cookie consent banners, wherein clicking on the "Accept" button causes a malicious script file to be downloaded. The user is subsequently prompted to run the script to accept cookies. In one April 2025 incident analyzed by Darktrace, unknown threat actors were found to utilize ClickFix as an attack vector to download nondescript payloads to burrow deeper into the target environment, conduct lateral movement, send system-related information to an external server via an HTTP POST request, and ultimately exfiltrate data. "ClickFix baiting is a widely used tactic in which threat actors exploit human error to bypass security defenses," Darktrace said. "By tricking endpoint users into performing seemingly harmless, everyday actions, attackers gain initial access to systems where they can access and exfiltrate sensitive data." Other ClickFix attacks have employed phony versions of other popular CAPTCHA services like Google reCAPTCHA and Cloudflare Turnstile for malware delivery under the guise of routine security checks. These fake pages are "pixel-perfect copies" of their legitimate counterparts, sometimes even injected into real-but-hacked websites to trick unsuspecting users. Stealers such as Lumma and StealC, as well as full-fledged remote access trojans (RATs) like NetSupport RAT are some of the payloads distributed via bogus Turnstile pages. "Modern internet users are inundated with spam checks, CAPTCHAs, and security prompts on websites, and they've been conditioned to click through these as quickly as possible," SlashNext's Daniel Kelley said. "Attackers exploit this 'verification fatigue,' knowing that many users will comply with whatever steps are presented if it looks routine." Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

Plus: A 22-year-old former intern gets put in charge of a key anti-terrorism program, threat intelligence firms finally wrangle their confusing names for hacker groups, and more.

The company's new report outlines the latest examples of AI misuse and abuse originating from China and elsewhere.

Exclusive: The company's co-founder and CTO blame a former employee for a breach, but cannot rule out that it wasn't.

How emerging tech makes it easier to defraud schools out of millions  University Business

Hundreds of millions of users could be exposed in "largest breach ever" against Chinese victims.

In an effort to evade detection, cybercriminals are increasingly turning to “residential proxy” services that cover their tracks by making it look like everyday online activity.