Free Tech Support Hotline 407-478-8200

Recycle Your Computer, Laptop, Tablet, or Smart Phone With Us

Refresh Computers | Refurbished Major Brand Computers

Refurbished Major Brand Computers

05-02-26 AI Hunts Down Thousands of Hidden Security Flaws Before Hackers Can Exploit Them

How safe is the software running your bank, your hospital, or even your favorite cruise line? This week on Tech Talk, David Levitt dives into a groundbreaking AI project that uncovered thousands of hidden security vulnerabilities — some dating back nearly three decades. We also break down a massive wave of data breaches hitting companies like Carnival, Amtrak, and ADT, and explain exactly what you should do if your information was exposed. Plus, the European Union is about to force phone makers to bring back user-replaceable batteries. Here’s everything you need to know.

Listen to the Episode

Project Glasswing: AI Fighting on Your Side

Anthropic — the company behind the popular Claude AI assistant — just announced a major cybersecurity initiative called Project Glasswing. The goal? Use artificial intelligence to find dangerous software vulnerabilities before hackers do.

The project is a massive collaboration involving Apple, Google, Microsoft, Amazon, Cisco, CrowdStrike, Nvidia, JP Morgan Chase, and more than 40 other organizations. Together, they’re using an unreleased AI model called Claude Mythos Preview — a tool so powerful that Anthropic pulled it from public release shortly after its initial announcement because of its capabilities.

What Did Project Glasswing Find?

The results are honestly unsettling. The AI identified thousands of high-severity zero-day vulnerabilities — security flaws that exist in software right now, with no fix available because nobody even knew they were there. Among the discoveries:

  • A 27-year-old flaw in a major server operating system — a bug that has existed since 1999, the year Napster launched and most people were still using Windows 98.
  • A 16-year-old vulnerability in an MPEG tool used in millions of video applications worldwide.
  • Linux kernel flaws that could give an attacker full control of a system.

Think about that: a security flaw sat undetected in critical software for 27 years. We can’t fix what we don’t know is broken — and that’s exactly why AI-powered security tools like this matter.

Project Glasswing essentially acts like a “white hat” hacker — it scans software looking for the same weaknesses a criminal would exploit, but then alerts the companies so they can patch the holes. The project is still running as part of a 90-day initiative, and Anthropic plans to release a detailed report of its findings when it wraps up.

Why This Matters for Everyday People

These aren’t just obscure software flaws in programs nobody uses. This is the code running your bank, your hospital, your power grid, and the apps on your phone. If a criminal hacking group had found these vulnerabilities first, the consequences could have been devastating. And here’s the uncomfortable truth: if Anthropic can build a tool this powerful, bad actors can build something similar and use it to cause harm instead of prevent it.

The Shiny Hunters Are Back — And They Hit Big

April 2026 has been one of the worst months for data breaches in recent memory, and a ransomware and data extortion group called the Shiny Hunters is at the center of it. Active since 2020, this group doesn’t just lock your files — they steal your data and threaten to publish it unless the victim pays up.

Who Got Hit?

  • Carnival Corporation: 8.7 million records stolen, including personal information from cruise passengers.
  • Amtrak: 2.1 million records exposed — names, emails, home addresses, and support tickets.
  • ADT Home Security: Partial Social Security numbers and dates of birth compromised.
  • Zara: 9 million records claimed from the world’s largest clothing retailer.
  • McGraw Hill: 45 million Salesforce records exposed, including student and educator data.
  • 7-Eleven: 600,000 Salesforce records stolen.
  • Kemper Insurance: 13 million records — 29 gigabytes of data.

Many of these breaches happened through cloud platforms and third-party vendors like Salesforce. A company might have excellent internal security, but if their software vendor has a weakness, millions of records can be exposed at once. And the number one way hackers get in? Phishing emails. Employees clicking on emails that look legitimate but are actually sent by the attackers.

What Should You Do If You Think You Were Exposed?

If you’ve done business with any of these companies, take action now. Here are concrete steps you can follow:

  • Check your email. Companies are legally required to notify you if your data was breached.
  • Visit HaveIBeenPwned.com — type in your email address to see if it appears in any known data breaches.
  • Change your passwords on any account associated with a breached company. Use a unique password for every site.
  • Use a password manager. This is no longer optional — it’s essential for keeping track of unique passwords across all your accounts.
  • Consider a credit freeze if your Social Security number was involved. It’s free and takes about five minutes.
  • Watch out for scam emails — for example, fake “rebooking” emails that look like they’re from Carnival. Any email that pushes urgency is a red flag.

Your data is a commodity. Hackers sell stolen information for as little as a dollar per record — but when they’re stealing millions of records, the payoff is enormous. Don’t reuse passwords across multiple sites. One breach can turn into a dozen compromised accounts in the blink of an eye.

Your Phone Battery Is About to Get a Lot Easier to Replace

Starting in February 2027, every smartphone sold in the European Union must have a user-replaceable battery. This is part of the EU’s “Right to Repair” movement — the same initiative that forced Apple and other manufacturers to switch to the universal USB-C charging connector.

What This Means for You

Right now, replacing an iPhone battery through Apple costs over $100. If you go to a third-party repair shop, it’s cheaper — but Apple can detect that your phone was opened, and your warranty is voided. A user-replaceable battery design would change all of that.

On the plus side, replaceable batteries would extend the useful life of phones and make recycling easier. Separating lithium batteries from electronics is a key part of responsible recycling, and sealed designs make that process harder and more expensive.

On the other hand, there are real design challenges. Modern phones are built to be water-resistant and slim precisely because everything is sealed inside. Apple, Samsung, and every other manufacturer will need to figure out how to maintain durability while allowing battery access.

Remember: what happens in Europe rarely stays in Europe. Just like the USB-C mandate eventually affected phones sold in the U.S., this battery rule will likely ripple across the globe. It’s simply not cost-effective for manufacturers to make entirely different phone designs for different markets.

Stay Protected — Refresh Computers Can Help

Between massive data breaches, hidden software vulnerabilities, and rapidly changing technology, it can feel overwhelming to keep up. That’s where Refresh Computers comes in. Whether you need help securing your devices, upgrading an aging computer, or just want honest advice from real tech experts, the team at Refresh Computers is here for you. Stop by the store in Longwood at 820 E. State Road 434, call the free tech support hotline at 407-478-8200, or visit refreshcomputers.net to learn more. Don’t forget to subscribe to the Tech Talk podcast so you never miss an episode!