Security and AI news from the week beginning 6 April 2026

Meta unveiled a new flagship AI model called Muse Spark. This is its first release from its revamped Superintelligence Lab. It comes as the company is expected to double its spend on AI as it struggles to keep up with Google and OpenAI.

Anthropic announced that its Claude Mythos Preview autonomously discovered thousands of zero-day vulnerabilities. Among those was a 27-year-old flaw in OpenBSD and a 16-year-old bug in FFmpeg that automated testing tools had hit five million times without catching. It also chained together multiple Linux kernel vulnerabilities to escalate from ordinary user access to full machine control. It also launched Project Glasswing.

Deloitte’s State of AI in the Enterprise 2026 report found that 40% of Indian respondents report significant or full AI deployment. That is well ahead of other countries, where the average adoption rate is 28% globally. Those departments using it the most are product development, strategy and operations, marketing and sales, and supply chain.

Maine is the latest US state to pass a bill restricting the use of AI. Lawmakers approved LD 2082, which would prohibit the clinical use of AI in mental health therapy while allowing its use in a purely administrative role. Missouri is due to vote on HB 2372, an omnibus health care bill that covers a multitude of subjects. Tennessee has multiple bills that will exclude AI from gaining personhood status in any form.

Russia’s military intelligence agency (GRU) has reportedly hacked thousands of home and small business routers. Fancy Bear (APT 28) apparently used known vulnerabilities in TP-Link and MikroTik devices to hijack traffic and steal passwords. It raised the question of how to make individuals patch their routers.

Microsoft locked out the developers behind VeraCrypt, WireGuard, Windscribe, and other important software. This has prevented them from releasing crucial updates. Microsoft is blaming the developers, saying that it has tried to verify their accounts for months but with no response.

A security researcher publicly released details of a Windows zero-day exploit called “BlueHammer”. They say that they only took this action after struggling to get Microsoft to deal with the bug. It will be interesting to see if this results in any reports of it being exploited.

In Case You Missed It

Professional services firms are rushing to adopt AI, but many are still struggling to turn pilots into profit. In an Enterprise Times podcast, Steve Brooks sat down with Raju Malhotra, Chief Product and Technology Officer at Certinia, to unpack what’s really behind the AI readiness gap and how services organisations can finally bridge it.

The Research Management Institute has published a study commissioned by Kantata. Titled “Resource Management in the Age of AI”, it is based on a quantitative survey answered by individuals from 44 different organisations. The report begins with a list of five key observations. Unusually, there is very little in the way of commentary or analysis from the report. There is also no qualitative element.

Remote has announced the acquisition of Bravas. Bravas, headquartered in France, provides a unified device, identity and security management platform for SMBs. Remote will look to embed the mobile device management and identity and access management into its full employee lifecycle platform.

Certes has released Certes v7, an extension of its Data Protection and Risk Mitigation (DPRM) platform. It extends the company’s Post-Quantum Cryptography solution to every app on every platform. The announcement claims “v7 keeps data protected even when infrastructure and identities are compromised.”

In Other News

DeDrone (Axon)

Axon announced a new standard in real-time intelligence during Axon Week 2026, its annual user conference. New AI-powered capabilities enable agencies to detect incidents earlier, access critical information faster, and coordinate responses more effectively while maintaining security and data control across the full incident lifecycle.

Intigriti

Chris Holt has written a blog looking at the increasing use of AI tools in bug bounty programmes. Holt believes we need to take stock of what impact they have had so we can look to the future and begin to address the reality and some of the fears surrounding this new technology.

Security and AI news from the week beginning 30 March 2026

The post Security and AI news from the week beginning 6 April 2026 appeared first on Enterprise Times.