US Loosens Anthropic Claude Mythos Access, Unpatchable iPhone Exploit Emerges, and CISO Burnout Drives Fractional Shift

Washington granted a partial reprieve allowing Anthropic's Claude Mythos to be released to more than 100 approved U.S. firms and institutions after export controls paused Mythos and the more restricted Fable 5, with access still limited to vetted American entities; the same day, OpenAI's GPT 5.6 was also restricted to government-approved partners under a Trump executive order requiring review of cyber-capable models.

The episode also covers Canadian hacktivist Aubrey Cottle's 18-month sentence for the 2021 Texas GOP hack and bail breaches, with possible U.S. charges pending. Researchers disclosed "USBliterate," an unpatchable physical USB exploit in the Secure ROM of older A12/A13 iPhones that aids forensic extraction.

Finally, a survey finds rising CISO burnout, fewer full-time CISOs, growth in fractional CISO roles, and AI—especially shadow AI—overtaking liability as the top stressor.

00:55 AI Export Controls Shift

03:37 Anonymous Hacker Sentenced

05:32 Unpatchable iPhone Boot Exploit

07:30 CISO Burnout And Exodus

09:40 Wrap Up And Sign Off

Cybersecurity Today would like to than Material Security for their support of this podcast.

On Cybersecurity Today on the Weekend, the host speaks with Jennifer Hutton, a cybersecurity leader in the car dealership sector, about how she entered cybersecurity through increasing cyber insurance requirements and why dealerships are prime targets because they hold bank-level sensitive data and run complex digital and IoT ecosystems. They discuss the rise of cyber-enabled fraud, including impersonation scams, smishing, and synthetic identity fraud, and the need to educate both employees and customers. Hutton describes gaps in industry resources, especially for smaller dealers, and contrasts regulatory pressures such as updated FTC safeguards rules in the U.S. She emphasizes servant leadership, empathy, and communicating risk in business terms, arguing that cyber risk is business risk. The conversation also covers supply chain disruption from the CDK ransomware incident and the importance of incident response, business continuity, and resiliency-focused planning.

00:00 Weekend Show Kickoff
01:14 Jennifer's Cyber Origin
02:53 Why Dealerships Are Targets
04:30 Scams And Synthetic IDs
08:32 Industry Gaps And Sharing
10:42 Regulation And Tech Shift
13:48 Leading With Business Risk
21:29 Servant Leadership And AI
25:21 Empathy In Tech Teams
28:16 CDK Ransomware Lessons
29:53 Resilience Over Prevention
32:08 Advice To Dealership Leaders
34:49 Closing Thanks