July 2, 2026
Today's top tech stories, deduped across the newsletters I read and briefly summarized. Click a source to open the original article.
AI
Anthropic restores access to Claude Fable 5 and Claude Mythos 5
Anthropic has restored access to Claude Fable 5 and Mythos 5 after the U.S. Department of Commerce lifted export controls on both models. Access had been temporarily blocked due to export regulations.
Claude Sonnet 5 released
Anthropic released Claude Sonnet 5, with the developer documentation detailing several improvements over its predecessor. Simon Willison walked through the developer changelog.
Google releases Gemini 3.1 Flash Lite Image
Google DeepMind released Gemini 3.1 Flash Lite Image — also called "Nano Banana 2 Lite" — the fastest and cheapest image generation model in the Gemini family. The model is available via the Gemini API.
Security
DHS confirms breach of HSIN information-sharing platform
The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive platform used by federal, state, local, and private-sector partners. The breach hits a key node in U.S. national-security information sharing.
FortiBleed credential-theft campaign linked to Lynx ransomware
The massive FortiBleed campaign that harvested Fortinet credentials has been tied to the INC and Lynx ransomware operations, suggesting the stolen logins were staged for future network intrusions. Organizations running Fortinet appliances should rotate credentials immediately.
Password spray hits Microsoft 365 with 81 million login attempts in two weeks
An aggressive password-spraying campaign against Microsoft 365 environments generated over 81 million login attempts over two weeks. The scale underscores the ongoing threat to enterprises relying on cloud productivity suites.
ChocoPoC malware targets security researchers via trojanized PoC exploits
Multiple weaponized proof-of-concept exploits on GitHub deliver a Python-based remote access trojan named ChocoPoC that can execute commands and exfiltrate data from compromised systems. The campaign appears to specifically target cybersecurity researchers.
Over 900 Oracle E-Business Suite instances exposed to active attacks
More than 900 Oracle E-Business Suite instances have been found exposed online while attackers actively exploit a critical vulnerability. Organizations running Oracle EBS should patch and restrict public exposure immediately.
Dev
Cloudflare launches Monetization Gateway for x402 payments
Cloudflare released Monetization Gateway, letting developers charge for any resource behind Cloudflare using the x402 payment protocol. It removes the need for a third-party payment service to gate API or content access.
Box3D: open-source 3D physics engine announced
Box3D is a new open-source 3D physics engine from the team behind Box2D, designed for games and simulations. The project quickly attracted significant attention from the developer community.
Other
First cell built from scratch grows and divides on its own
For the first time, researchers have constructed a cell from scratch that grows and divides independently, according to Quanta Magazine. The breakthrough is a historic milestone in synthetic biology.
PlayStation ending physical disc production for new games in January 2028
Sony announced that physical disc production for new PlayStation games will end in January 2028. The move signals a definitive industry shift away from physical media.