Check Point released updates for CVE-2026-50751, an authentication bypass in IKEv1-based Remote Access and Mobile Access VPNs that has been exploited since May and impacted a few dozen organizations, including a confirmed Qilin ransomware incident. They also patched CVE-2026-50752, a certificate validation flaw in IKEv1 site-to-site VPNs, and urge customers to move to IKEv2, enforce machine certificates, or apply the provided mitigations.

Anthropic’s new Claude Mythos Preview model can autonomously find and exploit zero-day and N-day vulnerabilities across major OSes and browsers. In testing, it produced sophisticated exploits—from JIT heap sprays to multi-packet ROP chains—and outperformed prior models by a wide margin. Project Glasswing will share these capabilities with select partners to shore up defenses before wider release.

Anthropic is holding back its new AI model, Claude Mythos Preview, and teaming up with over 40 tech firms to hunt and patch security flaws in critical software. The company says the model can autonomously find zero-day vulnerabilities that have eluded researchers for decades, raising fresh concerns about AI-driven cyberattacks.