Portugal's revised cybercrime law creates a legal safe harbor for security researchers acting in good faith. Researchers can now engage in certain hacking activities without fear of prosecution, provided they meet specific conditions, such as reporting vulnerabilities promptly and not seeking financial gain.

MIT Sloan has withdrawn a paper claiming that over 80% of ransomware attacks are driven by AI after criticism from cybersecurity experts. The paper faced backlash for its lack of evidence and methodology, leading to accusations of misleading research.

Tempest is a research-focused command and control framework developed entirely in Rust, intended for educational purposes rather than production use. It provides a modular architecture for building implants and allows users to modify and extend the codebase, facilitating a deeper understanding of design decisions and techniques in C2 frameworks. The project is continuously evolving, with a roadmap for future features and improvements outlined in its documentation.

Researchers have discovered a jailbreak method for GPT-5, allowing the model to bypass safety measures and restrictions. This finding raises significant concerns regarding the potential misuse of advanced AI technologies, highlighting the need for more robust safeguards.

The article provides a brief overview of the latest developments in information security, focusing on trends, cyber-crime, and essential patches. It highlights ongoing research and key issues affecting the cybersecurity landscape.

SpyCloud research reveals that traditional endpoint detection and antivirus solutions fail to identify approximately two-thirds (66%) of malware infections. This significant shortcoming raises concerns about the effectiveness of current cybersecurity measures in protecting against sophisticated threats. The findings suggest a need for enhanced detection technologies to better combat malware risks.

Carnegie Mellon researchers have shown that large language models (LLMs) can autonomously plan and execute cyberattacks in enterprise environments, marking a significant advancement in the understanding of LLM capabilities in cybersecurity. Their study, which replicated the 2017 Equifax breach scenario, highlights both the risks of LLM misuse and potential benefits for enhancing security testing in organizations. The team is now exploring how LLM-based agents can be used for autonomous defense against cyber threats.