Apple patches Beats mic, Claude Fable 5 jailbroken, Sentry leak
Apple released firmware 1B211 to close CVE‑2025‑20701, an authentication flaw in Airoha SoCs used in Beats Studio Buds. The bug let an attacker within Bluetooth range intercept audio or impersonate the earbuds before pairing, but exploitation requires proximity and specialized tools. Users get the fix automatically when the buds connect to an Apple device.
A GitHub repo released five days after Anthropic launched Claude Fable 5 shows how to bypass its safety guardrails using crafted workflows. The open‑source tool demonstrates that the model’s supposed “no‑cyber‑attack” safeguards can be subverted, confirming an early jailbreak claim.
Tenet Security discovered that anyone who uncovers a public Sentry DSN can submit a crafted error event that AI coding agents treat as executable instructions, turning Claude Code, Cursor, or Codex into a remote code‑execution tool on a developer’s machine. The attack requires no malware or stolen credentials, only the publicly embedded DSN.
Security firm AIR created a bogus AI agent skill, got it approved by a major marketplace and promoted via Instagram, and it was installed on roughly 26,000 agents, including corporate accounts. All scanners flagged it safe because the malicious payload was hosted off‑platform and swapped in after approval. The demo proves current skill‑scanning tools can be bypassed, exposing a systemic trust flaw.
Two UK teens who helped the Scattered Spider gang hijack Transport for London’s systems pleaded guilty on day one of a six‑week trial. Their admissions expose a broader fraud operation that targeted banks, retailers and U.S. health providers, underscoring the group’s international reach and the real‑world damage ransomware can cause.
LastPass disclosed that threat actors used stolen OAuth tokens from Klue's integration to pull customer data from its Salesforce environment. The breach did not affect core vaults, but highlights risks of SaaS supply‑chain attacks and prompted a full token revocation and tighter third‑party controls.
FedRAMP will stop using CVSS scores after CISA’s BOD 26‑04, shifting to a risk‑based model that weighs internet exposure, exploit automation, and known‑exploited status. Cloud providers must follow the new Vulnerability Detection and Response (VDR) and Vulnerability Evaluation and Reporting (VER) rules by Dec 7 2026.
President Trump signed an executive order mandating federal agencies to shift high‑value assets to NIST‑approved post‑quantum cryptography for key establishment by Dec 31 2023 and digital signatures by Dec 31 2024. The rule forces a quantum‑resistant upgrade across the government, protecting classified data from future quantum attacks and driving industry standards.