Man arrested over stolen patient personal data - RTHK

Police said they have arrested a man working for a contractor commissioned by the Hospital Authority for allegedly stealing the personal data of tens of thousands of patients. The data breach resulted in details of more than 56,000 patients from the Kowloon East cluster being taken without authorisation and leaked on a third-party platform. Officers said the 30-year-old suspect, who worked as a system developer for the contractor, was arrested on suspicion of access to computer with dishonest intent after analysing the system's logs. Cheung Hau-yee, superintendent of the force's cybersecurity and technology crime bureau, said officers are trying to establish a motive for the data breach. "We noticed that files of the leaked data were put online. We and the Hospital Authority's IT department are actively working to request the relevant platforms to remove the relevant information," she said. Tony Ha, the authority's director of strategy and planning, said the contractor was responsible for a system related to operating rooms of the cluster's hospitals. "The system contained the personal data of patients requiring surgery and details of surgical procedures, among other information. The system involved in this case is not connected with the clinical management system. The system in question only involves information relating to the operating room," he said. "Neither the system nor the contractor is authorised to access the complete medical records of patients." Ha also said the authority had suspended all contractors from accessing its systems, and that any emergency maintenance would require the approval and supervision of the authority. Edited by Edmond Fong

President Nicusor Dan: Prolonged cyberattack network disrupted; Russia is continuing hybrid war

The Federal Bureau of Investigation (FBI), together with several partners including the Romanian Intelligence Service (SRI), announced the disruption of a prolonged cyberattack network targeting sensitive infrastructure in several Western states, President Nicusor Dan said on Wednesday. "Cyber actors associated with the GRU, the intelligence service of the Russian army, were collecting military, governmental and critical infrastructure-related information. Russia is therefore continuing its hybrid war against Western countries and only those acting in bad faith fail to see this. Romania must improve its cybersecurity and continue to cooperate with its Western partners," the head of state wrote on Facebook.

KIMES 2026 Wraps Up with Success... Record-Breaking Scale with 75k Visitors and $450 million in Export Consultations | Weekly Voice

The ribbon-cutting ceremony featured 24 key dignitaries at the opening of KIMES 2026. - Largest-ever scale with 1,490 manufacturers from 41 countries showcasing 39,000 products and technologies - Domestic consultations reached 2.3 trillion KRW SEOCHO-GU, SEOUL, SOUTH KOREA, April 8, 2026 /EINPresswire.com/ -- The 41st International Medical Hospital & IT Equipment Show, 'KIMES 2026,' has successfully concluded, marking the largest scale in its history. Co-hosted by Korea E&EX (CEO: Jeong-jo Kim), the Korea Medical Devices Industrial Cooperative Association (Chairman: Young-gyu Lee), and the Korea Medical Devices Industry Association (Chairman: Young-min Kim), the exhibition was held for four days from the 19th to the 22nd across the entire COEX halls in Samseong-dong, Seoul. This year's KIMES 2026 spanned an exhibition area of 45,000 square meters, featuring 1,490 manufacturers from 41 countries (846 domestic and 644 overseas). They showcased approximately 39,000 products and technologies covering the entire medical spectrum, including medical imaging diagnostics, physical therapy, rehabilitation, prevention, skincare, beauty care, and medical IT. The exhibition achieved significant results across various indicators, including the number of participating companies and visitors, as well as export consultation performance. It significantly elevated its status as a global AI medical business hub by hosting its first-ever official keynote in its 46-year history, alongside the GMEP export consultation meeting, Medical Korea, the INSPIRE and BEAUTY & DERMA special pavilions, and medical academic conferences. ■ Meaningful Business Results: 75,000 Visitors, 2.3 Trillion KRW in Domestic and $450 Million in Export Consultations Over the four days of KIMES 2026, a total of 75,003 domestic and international visitors attended, including 5,464 overseas buyers. These numbers represent an approximately 3.4% increase compared to the previous year (72,507), marking the largest attendance on record. The overall business performance during the exhibition totaled 2.3 trillion KRW in domestic sales and $450 million in export consultations. In terms of actual contracts, the figures reached 280 billion KRW for domestic deals and $170 million for exports. The 'Global Medical Equipment Plaza 2026 (GMEP 2026),' held in collaboration with KOTRA, celebrated its 13th year with 370 domestic companies and 176 overseas buyers -- the largest participation to date. Amidst high interest in medical devices integrating AI, robotics, and digital technology, export contracts worth $40 million were signed through over 2,000 consultations with buyers from Germany, Australia, Brazil, Vietnam, and more -- a 49% increase from the previous year. 'Medical Korea 2026,' hosted by the Ministry of Health and Welfare and organized by the Korea Health Industry Development Institute, also broke records with 7,071 global healthcare stakeholders from 47 countries. The newly introduced business roundtable featured government and corporate representatives from Ukraine and the U.S., laying the foundation for cooperation with institutions seeking to enter the local market. The international patient attraction meeting saw 26 buyers from 16 countries and 141 domestic institutions participate in 641 consultations, resulting in 97 Memorandums of Understanding (MOUs). In the medical overseas expansion export consultation meeting, 12 overseas buyers from 6 countries and 31 domestic companies held 130 business meetings, successfully concluding 9 export contracts worth approximately $5.3 million. ■ Expanded Programs: First Official Keynote in 46 Years and Special Pavilions Most notably, the first official keynote in the event's 46-year history, titled "First Pulse: AI in Healthcare," drew significant attention. On the opening day (19th), six representative AI leaders took the stage to share visions on the paradigm shift in healthcare: Byung-tak Zhang (Director at Seoul National University Hospital), In-hyuk Choi (CEO of Naver), Hee Hwang (CEO of Kakao Healthcare), Jong-min Choi (VP at Samsung Electronics), Byung-hwi Suh (VP at Amorepacific), and Gyu-hyuk Jang (Senior Staff Engineer at Google DeepMind). The two expanded special pavilions also garnered intense interest: * INSPIRE Digital Healthcare Pavilion: This pavilion tripled in size from the previous year, featuring 51 startups and innovative companies in medical AI, digital healthcare, wearables, and data analysis. The 'INSPIRE Open Stage' provided practical business touchpoints through sessions on startup investment, cybersecurity, and AI applications in the beauty and senior industries. * BEAUTY & DERMA Seoul by KIMES: Following its debut last year, the exhibition space was expanded 1.5 times. 84 companies showcasing skin care devices, skincare products, fillers, and laser equipment participated, highlighting the global competitiveness of the K-Beauty medical aesthetics field. At the 'Medicomtek (Medical Device Components & Materials Technology Exhibition)' held in COEX Hall D, 58 companies specializing in electrical/electronic components, medical polymers, and precision motors/optical modules introduced core hardware technologies. Additionally, various medical policy seminars and academic conferences served as platforms for knowledge sharing among practitioners, researchers, and corporate officials seeking global expansion. Jeong-jo Kim, CEO of Korea E&EX, remarked, "KIMES 2026 has once again proven its role as a core global platform that showcases the advanced AI medical ecosystem to the world based on South Korea's excellent IT infrastructure. KIMES will continue to complete a global MICE model where technology, investment, and policy are organically combined, positioning itself as a key platform for the sustainable growth of the Korean medical industry -- from discovering startups to pioneering overseas markets." EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Building AI defenses at scale: Before the threats emerge | Amazon Web Services

At AWS, we've spent decades developing processes and tools that enable us to defend millions of customers simultaneously, wherever they operate around the world. Every day, our security and threat intelligence teams are doing work with AI and automation that most people never see. Our AI-powered log analysis system has reduced the time SecOps engineers spend analyzing security logs from an average of six hours to just seven minutes, a 50x productivity increase that lets us detect and respond to threats faster than ever. Across AWS, we analyze over 400 trillion network flows per day to detect patterns that signal emerging threats. In 2025 alone, we blocked over 300 million attempts to maliciously encrypt customer files hosted on Amazon S3. What we learn protecting one customer helps protect all customers. At this scale, every threat we see makes our defenses stronger for everyone, and AI is already central to how we do it. Today, Anthropic announced Project Glasswing, a cybersecurity initiative designed to secure the world's most critical software and advance the cybersecurity practices the industry will need as AI grows more capable. Organizations that build or maintain critical digital infrastructure are getting early access to Claude Mythos Preview, a new class of AI model, to find and patch vulnerabilities in the systems the world depends on. Given our role in securing some of the world's most essential infrastructure, AWS is playing an integral part in advancing this work. Powering the project is Claude Mythos Preview, Anthropic's most advanced AI model to date and a step-change in reasoning and AI capabilities for cybersecurity. Claude Mythos Preview represents a fundamentally new model class: more intelligent and capable than Anthropic's previous frontier models, with higher performance on cybersecurity, software coding, and complex reasoning tasks. As part of Project Glasswing, we've already applied Claude Mythos Preview to critical AWS codebases that undergo continuous AI-powered security reviews, and even in those well-tested environments, it's helped us identify additional opportunities to strengthen our code. In our internal testing, Claude Mythos Preview has proven more productive than previous models at surfacing security findings, requiring less manual guidance from our engineers to deliver actionable results. We've also given early access to a select group of AWS customers, who are deploying Claude Mythos Preview in their own security workflows and helping shape how the model evolves. For us, Claude Mythos Preview is a natural extension of the AI tools we already use, and as the technology grows more powerful, so must our defenses. This is exactly the kind of innovation that drives our work, and we've been working closely with Anthropic to help ensure Claude Mythos Preview is ready for enterprise use. AWS is Anthropic's primary cloud provider for mission-critical workloads, safety research, and foundation model development. More broadly, AWS provides the foundational infrastructure that the world's leading AI companies rely on to build, train, and deploy their most advanced models. We're bringing decades of security experience to this partnership, helping to ensure Claude Mythos Preview is ready for even more organizations to build upon and operate securely at scale. Claude Mythos Preview signals an upcoming wave of models that can find vulnerabilities and build working exploits at a scale and speed we haven't seen before. Anthropic and AWS are taking a deliberately cautious approach to release. Access begins with a small number of organizations, prioritizing internet-critical companies and open-source maintainers whose software and digital services impact hundreds of millions of users. The goal: find and fix vulnerabilities in the world's most critical software. Claude Mythos Preview is available in gated research preview through Amazon Bedrock with enterprise-grade security controls, including customer-managed encryption, VPC isolation, and detailed logging, so your team can explore Claude Mythos Preview's capabilities without exposing production assets to unnecessary risk. Our work with Project Glasswing is grounded in a philosophy we've developed over two decades of securing mission-critical workloads: you can't wait for threats to materialize before building your defenses. You have to look around corners, adopt new technologies, build protections first, deploy them in your own operations at scale, and refine them based on what you learn. That's exactly what we've done at AWS with AI and security. Our approach spans the full spectrum: proactive defense through threat hunting and vulnerability research, dynamic response to active campaigns, and third-party certifications that verify our security practices meet the highest industry standards. This operational experience has taught us where AI accelerates security work and where human judgment remains essential. And it's reinforced that security innovation must be pragmatic: proven in production before we ask you to rely on it. That's also why we help define what secure AI looks like. We became the first major cloud provider to achieve ISO 42001 certification for AI services. We're active participants in OWASP, the Coalition for Secure AI, and the Frontier Model Safety Framework. And we co-founded the Open Cybersecurity Schema Framework (OCSF) to enable better threat intelligence sharing across the ecosystem. The AWS Nitro System provides mathematical isolation for workloads. Our zero-operator access architecture means AWS personnel can't access your data. These aren't aspirational goals. They're how we operate today, at scale, every day. Amazon Bedrock is where these principles come to life for AI. It provides policy-enforced access controls, built-in evaluation tools to measure how effectively models identify and validate vulnerabilities, and the ability to run workloads inside your own virtual private cloud. AWS is also the first cloud provider to achieve FedRAMP High and Department of Defense Security Requirements Guide Impact Level 4 and 5 authorizations for generally available Claude foundation models, reinforcing that Amazon Bedrock is where the most security-sensitive organizations already trust Anthropic's technology. The same principles that guide our work at AWS scale apply regardless of which AI tools you're using: comprehensive observability, defense in depth, automation where it adds value, and human judgment where it's essential. Here's how to put them into practice. Prepare for the next generation of AI security. Claude Mythos Preview signals an upcoming wave of AI models that will transform cybersecurity. Start strengthening your security posture now so your organization is ready as these capabilities become more broadly available. Claude Mythos Preview is available in gated preview through Amazon Bedrock, and access is limited to an initial allow-list of organizations. If your organization has been allow-listed, your AWS account team will reach out directly. Run on-demand penetration testing with AWS Security Agent. Now generally available, AWS Security Agent delivers autonomous penetration testing that operates 24/7 at a fraction of the cost of manual penetration tests. It transforms penetration testing from a periodic bottleneck into an on-demand capability that scales with your development velocity across AWS, Azure, GCP, other cloud providers, and on-premises. AWS Security Agent represents a new class of frontier agents: autonomous systems that work independently to achieve goals, scale to tackle concurrent tasks, and run persistently without constant human oversight. It deploys specialized AI agents to discover, validate, and report security vulnerabilities through sophisticated multi-step attack scenarios. Unlike traditional scanners that generate findings without validation, AWS Security Agent identifies potential vulnerabilities, then attempts to exploit them with targeted payloads and attack chains to confirm they are legitimate security risks. Each finding includes CVSS risk scores, application-specific severity ratings, detailed reproduction steps, and remediation suggestions. The result: penetration testing that once took weeks now completes in hours, and security coverage that scales across your entire application portfolio, not just your most critical systems. New customers can explore AWS Security Agent with a 2-month free trial. Build AI applications you can trust with Amazon Bedrock. For teams building with generative AI, the challenge isn't just making AI work, it's making AI work safely. Amazon Bedrock provides the security and safety controls you need to deploy AI responsibly. Its Automated Reasoning capability is the first and only AI safeguard to use formal logic to help prevent factual errors from hallucinations, providing verifiable explanations with 99% accuracy, a capability we've refined over more than a decade of applying formal methods across AWS storage, identity, and networking. Amazon Bedrock also provides customizable guardrails that block harmful content and enforce your content policies, along with comprehensive observability to track AI behavior and detect anomalies across your workloads. The threat landscape isn't waiting for us to catch up. Nation-state actors, ransomware operators, and supply chain attackers are already using AI to scale their operations. Our job is to stay ahead by building defenses first, deploying them at scale, and sharing what we learn so the entire community benefits. That's what we do every day at AWS. We prove technology works in our own operations before we ask customers to rely on it. We set standards rather than follow them. And we look around corners to address tomorrow's challenges today. As AI capabilities continue to evolve, this approach won't change. We'll keep building defenses first, refining them at scale, and working with partners like Anthropic to ensure the next generation of AI security tools meets the real-world needs of enterprises defending at this scale.

Anthropic Project Glasswing to Use AI to Fix Software Bugs With AI

Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities AI firm Anthropic has launched Project Glasswing, an initiative which uses AI to identify and remediate undiscovered cybersecurity vulnerabilities in critical software. Project Glasswing, named after the glasswing butterfly, is based on Claude Mythos Preview, a powerful, not publicly available, version of Anthropic's Large Language Model (LLM). The company described the model as the "most capable yet for coding and agentic tasks" and that it can "deeply understand and modify complex software," allowing Claude Mythos Preview to autonomously find and fix cybersecurity vulnerabilities at scale. Anthropic did not train it specifically for cybersecurity, rather it said the capabilities are the result of its "strong agentic coding and reasoning skills." Announced publicly on April 7, the capabilities of Claude Mythos Preview have already been tested by Anthrophic's launch partners for Project Glasswing. These include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. In testing, the model discovered thousands of zero-day vulnerabilities which had not previously been identified. These included: Anthropic said that it had reported the vulnerabilities it discovered to the maintainers of the relevant software. The publicly identified vulnerabilities have already been patched. "Our eventual goal is to enable our users to safely deploy Mythos-class models at scale," the AI firm said. As part of Project Glasswing, Anthropic has committed up to $100m in usage credits to over 40 additional organizations that build or maintain critical software infrastructure so they can use the model to scan and secure both first-party and open-source systems. The company will also provide $4m in donations to open-source security organizations to support the work and to develop patches, if necessary. Anthropic said it does not plan to make Claude Mythos Preview publicly available. It is intended for use by cybersecurity defenders and with appropriate guardrails in place. However, threat actors have managed to jailbreak, abuse or even develop their own malicious versions of AI models to help commit AI-powered cybercrime at scale and some industry insiders have voiced concern over the potential for attackers to get hold of Mythos. "It's highly questionable that Anthropic will be able to limit the malicious uses of this model," said Jeff Williams, founder of OWASP and Co-Founder and CTO of Contrast Security. Senior cybersecurity personnel at several of Anthropic's partners welcomed the development being made with Claude Mythos Preview and Project Glasswing. "Google is pleased to see this cross-industry cybersecurity initiative coming together and to make Mythos Preview available to participants via Vertex AI. It's always been critical that the industry work together on emerging security issues, whether it's post-quantum cryptography, responsible zero-day disclosure, secure open source software, or defense against AI-based attacks," said Heather Adkins, VP of security engineering at Google. Igor Tsyganskiy, EVP of cybersecurity and research at Microsoft, said: "As we enter a phase where cybersecurity is no longer bound by purely human capacity, the opportunity to use AI responsibly to improve security and reduce risk at scale is unprecedented. Joining Project Glasswing, with access to Claude Mythos Preview, allows us to identify and mitigate risk early and augment our security and development solutions so we can better protect customers and Microsoft."

Load More