Anthropic announced two major additions to its Claude Partner Network on Wednesday: a tiered Services Track and a new Claude Partner Hub, both designed to help enterprises identify qualified partners to deploy and manage Claude-powered AI systems. The move builds on the Claude Partner Network, launched in March, which Anthropic backed with a $100 million…
Tag: Claude
AI, Cybersecurity, Global Security News, Government & Policy
Anthropic expands Project Glasswing to 150 organizations in more than 15 countries
Anthropic is expanding Project Glasswing, its cybersecurity initiative built around the Claude Mythos Preview model, by adding about 150 organizations following several weeks of work with its initial group of partners, security firms, open-source maintainers, and government agencies. Organizations joining the program must meet security requirements before gaining access, Anthropic noted. The expansion brings the…
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
Organizations using Claude Code GitHub Actions should review their CI/CD environments after a researcher found vulnerabilities that could expose repositories to compromise and supply chain attacks. The flaws, which have since been patched, allowed attackers to bypass permission controls and inject untrusted input into trusted workflows. These vulnerabilities allow “… an attacker [to] bypass its…
AI, Compliance, Data Security, Global Security News
Portal26 Adds Visibility, Management for Anthropic Claude
Portal26 has announced new enterprise AI management capabilities for Anthropic’s Claude and Claude Cowork, positioning the offering as a control layer for organizations scaling generative and agentic AI across business workflows. The company said the capabilities are designed to give enterprises real-time visibility into Claude usage, token consumption, security controls, governance enforcement, auditability, and analytics…
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
Fake Claude Code Installers Deliver Credential-Stealing Malware
Developers searching for Claude Code installation instructions could be walking into a sophisticated malware campaign that disguises itself as legitimate AI tooling documentation. Researchers found dozens of fake Claude Code and developer platform sites designed to steal credentials, API keys, and cryptocurrency. “The attack chain runs on the same unchecked trust that makes AI developer…
AI, Global Security News
Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users
Fake Anthropic websites are being used to target Claude Code users with a fileless infostealer campaign that steals browser credentials and evades detection.
AI, Global Security News
Anthropic launches Claude Opus 4.8, prepares Mythos-class models for all customers
Anthropic has released Claude Opus 4.8 and outlined plans for broader access to its Mythos-class models, which the company expects to make available to all customers in the coming weeks. Claude Opus 4.8 (Source: Anthropic) Claude Opus 4.8 is available to all users, with pricing unchanged from Opus 4.7. Anthropic highlighted improvements in model honesty,…
Global Security News
Claude now reviews and fixes vulnerabilities as you write code
Anthropic introduced a security-guidance plugin for Claude Code that reviews code changes for common vulnerabilities and helps Claude identify and fix issues during the same development session. The company says the plugin is designed to catch issues such as injection flaws, unsafe deserialization, and insecure DOM APIs before code reaches pull requests, reducing the amount…
Global Security News, malware
Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning
Cybercriminals are using SEO poisoning and fake Gemini and Claude installer sites to infect developers with fileless malware and steal data.
AI, Global Security News
Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month
Anthropic says its Claude Mythos AI identified more than 10,000 software vulnerabilities in one month, including critical flaws in open-source code.
AI, Global Security News, malware
Possible ACR Stealer From Page Impersonating Claude, (Tue, May 26th)
Introduction In recent weeks, I’ve searched for pages impersonating Claude that distribute malware. In recent weeks, I’ve reliably found these sites through malicious ads in Google searches that lead to these pages, often concealed in URLs for sites.google[.]com, such as this example from 2026-05-11. These fake Claude pages generally show instructions for macOS malware when…
AI, Apps, Global Security News
OpenHack: Open-source AI-powered vulnerability research
Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new MIT-licensed project from the Dutch security firm Hadrian, called OpenHack, packages that approach into a file-based workspace that any of those harnesses can run. OpenHack is a set of agents and…
AI, APAC, Apps, Exploits, Global Security News, Network Security, Risk Management
The AI that cracked Apple Silicon is only the beginning
A security research team just used Claude Mythos to identify the first known exploit in Apple’s M5 chip. They needed physical access to the device to use it, the vulnerability has since been patched, and I don’t think it should be seen as a huge threat. But it is a stark warning that in this AI…
AI, Global Security News
Companies Have a New AI Problem: Too Many Agents
As it gets easier to create artificial-intelligence agents with platforms like Anthropic’s Claude Cowork , some businesses are dealing with ‘AI agent sprawl.’
Global Security News
Microsoft’s WinUI agent plugin trims token use by over 70% during development
Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX packaging. The WinUI agent plugin ships one agent, eight skills, and several supporting tools targeting the loop developers run dozens of times a day: scaffold, build, run,…
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Researchers say AI just broke every benchmark for autonomous cyber capability
Two of the most advanced artificial intelligence models — Anthropic’s Claude Mythos Preview and OpenAI’s GPT-5.5 — have significantly surpassed the already-accelerating pace at which AI systems are completing autonomous cybersecurity tasks, according to separate findings published Wednesday by the United Kingdom’s AI Security Institute (AISI) and Palo Alto Networks. The AISI, which conducts pre-deployment…
AI, Cybersecurity, Europe, Global Security News, Government & Policy, malware, Network Security, Risk Management
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
OpenAI has unveiled Daybreak, its answer to Anthropic’s Claude Mythos, amid a growing market for frontier AI-powered cyber defense platforms. The initiative combines OpenAI’s large language models, Codex’s agentic capabilities, and integrations with the broader enterprise security ecosystem. The company said Daybreak is focused on accelerating cyber defense operations and enabling organizations to secure software…
AI, Cybersecurity, Europe, Global Security News, Government & Policy, malware, Network Security, Risk Management
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
OpenAI has unveiled Daybreak, its answer to Anthropic’s Claude Mythos, amid a growing market for frontier AI-powered cyber defense platforms. The initiative combines OpenAI’s large language models, Codex’s agentic capabilities, and integrations with the broader enterprise security ecosystem. The company said Daybreak is focused on accelerating cyber defense operations and enabling organizations to secure software…
AI, Apps, Global Security News, malware, Network Security
Fake Claude Code takes the IElevator to your browser secrets
Developers looking for Anthropic’s increasingly popular Claude Code tool are now being lured into downloading malware. According to researchers at Ontinue, attackers are abusing a fake Claude Code installer to deliver a previously undocumented PowerShell payload. The malware is designed to evade detection, recover browser encryption material, and steal sensitive data from developer systems. “Developers…
Global Security News
Fake Claude Code Page Pushes PowerShell Stealer at Devs
Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome’s IElevator2
AI, Global Security News
AI Can’t Agree on Which Jobs AI Might Destroy
Economists asked ChatGPT, Gemini and Claude which jobs were most exposed to AI. Many times, the answers varied widely.
AI, Global Security News
ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data
The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data.
AI, Data Breaches, Exploits, Global Security News
Claude in Chrome is taking orders from the wrong extensions
Anthropic Claude’s Chrome browser extension, known as Claude in Chrome, has a bug that can allow other malicious extensions to hijack it, compromising trusted AI workflows. Researchers at LayerX Security have warned that Claude’s overly trusted browser communication flows can be abused to inject scripts that can potentially hijack the assistant’s capabilities and manipulate browsing…
AI, Apps, Global Security News
Snyk integrates Claude to advance AI-native application security
Snyk has announced it is leveraging Anthropic’s Claude models to advance software security. Snyk has integrated Claude into the Snyk AI Security Platform, enabling automated vulnerability discovery, prioritization, and developer-ready fixes across code, dependencies, containers, and AI-generated artifacts. The threat driving that integration is real and accelerating. It’s a challenge that JPMorganChase’s Global Technology Leadership…
AI, Global Security News
Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware
Researchers have discovered a new malvertising campaign using a fake Claude AI website to plant a new, undocumented backdoor named Beagle on user devices.
AI, Global Security News
What Mozilla learned running an AI security bug hunting pipeline on Firefox
Over the past several months, Mozilla ran an agentic harness powered by Claude Mythos Preview across Firefox’s source code, identifying 271 security bugs that were fixed in Firefox 150, with additional fixes shipped in versions 149.0.2 and 150.0.1. Over 100 people contributed code to get those patches out. The bugs spanned a wide range of…
Global Security News
Fake Claude AI Site Drops Beagle Backdoor on Windows Users
Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading
Global Security News
‘TrustFall’ Exposes Claude Code Execution Risk
Researchers find malicious repositories can trigger code execution in Claude Code with minimal or no user interaction.
AI, Global Security News
Fake Claude AI website delivers new ‘Beagle’ Windows malware
A fake version for the Claude AI website offers a malicious Claude-Pro Relay download that pushes a previously undocumented backdoor for Windows named Beagle. […]
AI, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management
Mythos AI: What Security Leaders Should Do Next
The recent discussion around Anthropic’s Claude Mythos Preview and Project Glasswing has caught the attention of the cybersecurity industry for good reason. Mythos is not just another AI announcement. It is being positioned as a frontier model with advanced cybersecurity capability, particularly around finding and exploiting software vulnerabilities. Anthropic has stated that Project Glasswing is…
AI, Global Security News
Donuts and Beagles: Fake Claude site spreads backdoor
A malicious imitation of Anthropic’s Claude site leads to DLL sideloading – and a backdoor Categories: Threat Research Tags: Claude, Beagle, Backdoor, malvertising, AI, DONUT, DLL sideloading, Sophos X-Ops
AI, Global Security News, malware
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise
Targeting multiple industries worldwide, the InstallFix campaign uses fake Claude AI installer pages to trick users into running malware that collects system information, disables security features, achieves persistence, and connects to attacker-controlled C&C servers for additional payloads.
AI, Global Security News
Claude Security enters public beta with Opus 4.7 vulnerability scanning and patching
Claude Security, previously called Claude Code Security, is in public beta for Claude Enterprise customers. Available in Claude.ai, the capability scans codebases for security vulnerabilities and suggests targeted patches for review, helping teams identify and fix issues that might otherwise be missed. Admins can enable it in the admin console. Access for Claude Team and…
AI, Apps, Cloud Security, Cybersecurity, Global Security News, Network Security
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other leading organizations. This has generated a lot of discussion about the future of cybersecurity and what the ever-increasing capabilities of foundation models mean to organizations. As AWS CISO Amy Herzog pointed out in…
AI, Global Security News
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required
AI, Exploits, Global Security News, Network Security
Anthropic launches Claude Security to counter rapid AI-Powered exploits
Anthropic launched Claude Security to counter faster AI-driven cyberattacks, as tools like Mythos enable near-instant exploitation by threat actors. Anthropic introduced Claude Security to help defenders keep up with a surge in AI-powered cyberattacks. As models like Mythos drastically reduce the time needed to exploit vulnerabilities, similar tools will likely spread among criminals and nation-state…
AI, Cloud Security, Cybersecurity, Europe, Global Security News, Government & Policy, privacy, Risk Management
Bank regulator sounds warning over cybersecurity threat posed by AI models
Frontier AI models inspired by Anthropic’s Claude Mythos could arm attackers with advanced capabilities that the banking sector is ill equipped to cope with, Australia’s financial regulator, the Australian Prudential Regulation Authority (APRA), has warned. In a letter addressed to the country’s financial sector this week, the body lays out how the arrival of Claude…
AI, Compliance, Global Security News
GitLab Deepens Integration with Anthropic’s Claude Models to Accelerate Secure Software Development
COMPANY NEWS: AI agents in GitLab Duo Agent Platform can now call Anthropic’s newest Claude models, with every action governed by GitLab’s existing compliance, audit, and policy framework; no separate governance layer required. Enterprises can access Claude models, including the newly released Claude Opus 4.7, through GitLab via Google Cloud and AWS Bedrock to route…
Cybersecurity, Global Security News
Parsing Agentic Offensive Security’s Existential Threat
Some fear frontier LLMs like Claude Mythos and Anthropic’s GPT-5.5 will lead to cybersecurity annihilation. Ari Herbert-Voss notes this could be an opportunity.
AI, Cybersecurity, Global Security News
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren’t Ready for the Remediation Side
Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI system capable of identifying vulnerabilities at scale and raising serious questions about how quickly organizations can validate, prioritize, and remediate what it finds. The debate that followed has mostly focused on the right
AI, Cybersecurity, Exploits, Global Security News, privacy
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…
AI, Cybersecurity, Exploits, Global Security News, privacy
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…
AI, Cybersecurity, Exploits, Global Security News, privacy
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…
AI, Data Breaches, Global Security News
Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach
Anthropic is investigating a vendor breach after a Discord-linked group accessed its Claude Mythos AI model, with no evidence of impact on core systems.
AI, Cybersecurity, Global Security News
Claude Mythos finds 271 Firefox flaws, Mozilla believes zero-days are numbered
The Mozilla Foundation tested Claude Mythos, an Anthropic AI model that has stirred debate in the cybersecurity community. Before granting access to Mythos, Mozilla scanned Firefox using Opus 4.6, which led to fixes for 22 security-sensitive bugs in Firefox 148. For instance, Mythos identified 271 vulnerabilities in Firefox 150. Firefox CTO Bobby Holley said other…
AI, Cybersecurity, Exploits, Global Security News
Claude Mythos – ist der Hype gerechtfertigt?
Claude Mythos wird derzeit von ausgesuchten Organisationen getestet – in erster Linie großen Tech-Konzernen aus den USA. Anthropic | Screenshot Der Hype um Anthropics Security-Modell Mythos bekommt erste Risse: Während KI-Konkurrent OpenAI plant, mit einem eigenen Cybersecurity-fokussierten KI-Modell „entgegenzuwirken“, stellen die Sicherheitsexperten von VulnCheck in einer aktuellen Untersuchung die praktischen Auswirkungen von Claude Mythos, respektive…
AI, Apps, Exploits, Global Security News, Risk Management
AI Model Claude Opus turns bugs into exploits for just $2,283
Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can be used to find and exploit vulnerabilities. Below is the cost of the experiment: Model…
AI, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Risk Management
White House moves to give federal agencies access to Anthropic’s Claude Mythos
The US government is preparing to authorize a version of Anthropic’s Claude Mythos model for use by major US federal agencies, amid concerns that the AI model could rapidly spot cybersecurity vulnerabilities and offer the ability to exploit them. Federal Chief Information Officer Gregory Barbaccia at the White House Office of Management and Budget (OMB)…
AI, Cybersecurity, Global Security News, Risk Management
Anthropic’s latest model is deliberately less powerful than Mythos (and that’s the point)
Anthropic has today released a new, improved Claude model, Opus 4.7, but has deliberately built it to be less capable than the highly-anticipated Claude Mythos. Anthropic calls Opus 4.7 a “notable improvement” over Opus 4.6, offering advanced software engineering capabilities and improved visioning, memory, instruction-following, and financial analysis. However, the yet-to-be-released (and inadvertently leaked) Mythos…
AI, Global Security News, Government & Policy, privacy, Risk Management
Anthropic tests user trust with ID and selfie checks for Claude
Anthropic announced identity verification for Claude using government ID and selfie checks, becoming the first major AI chatbot to do so, a move that may prove unpopular with users. Having built its reputation around privacy in the AI race, Anthropic risks undermining its positioning, as competitors such as OpenAI’s ChatGPT and Google’s Gemini do not…
AI, Global Security News, malware
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems.
AI, Cybersecurity, Global Security News
OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI
OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing
AI, Cybersecurity, Global Security News, Government & Policy, Network Security
Testing reveals Claude Mythos’s offensive capabilities and limits
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute (AISI) tested its capability to successfully engage in capture-the-flag (CTF) challenges and multi-step attack scenarios, and found that that while its cybersecurity capabilities exceed those of previously available models, it can’t reliably execute…
Global Security News
Anthropic Adds Novartis CEO to Board
The startup behind the popular Claude chatbot and coding tool is eyeing a potential IPO as soon as this year.
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Fake Claude AI installer abuses DLL sideloading to deploy PlugX
Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX remote access trojan, according to Malwarebytes. The rogue site abuses the chatbot’s popularity to trick users into downloading a ZIP archive presented as a “pro version” installer. The…
AI, Cloud Security, Global Security News
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Security experts warn of an “AI vulnerability storm” triggered by the introduction of Anthropic’s Claude Mythos in a new paper from the Cloud Security Alliance (CSA).
Global Security News, Government & Policy
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.
AI, APAC, Cybersecurity, Exploits, Global Security News, Network Security
Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes
Anthropic’s Claude dug up a critical remote code execution (RCE) bug that sat quietly inside Apache ActiveMQ Classic for over a decade. Researchers at Horizon3.ai say that it only took minutes for their team to work out an exploit chain for the bug with the help of AI. The researcher behind the work, Naveen Sunkavally,…
AI, Global Security News
Claude Managed Agents bring execution and control to AI agent workflows
Anthropic’s Claude Managed Agents are a suite of composable APIs for building and deploying cloud-hosted agents at scale, handling sandboxed code execution, checkpointing, credential management, scoped permissions, and end-to-end tracing for you. Developers can define tasks, tools, and permissions within a managed environment, while the platform handles execution and state management. The product is currently…
Exploits, Global Security News
Claude Code Can Be Manipulated via CLAUDE.md to Run SQL Injection Attacks
LayerX researchers have discovered how to bypass Claude Code’s safety rules using the CLAUDE.md file. This exploit allows…
AI, Global Security News
Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities
Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software
AI, china, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management
Project Glasswing powered by Claude Mythos: defending software before hackers do
Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cybersecurity through Project Glasswing, aiming to secure critical software before it can be abused. Interest in Mythos grew after a leak of nearly 3,000 internal files…
AI, APAC, Global Security News
Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years
Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic
AI, Global Security News, Risk Management
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Threat actors leveraged Anthropic’s Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk.
AI, APAC, Global Security News
Anthropic cuts OpenClaw access from Claude subscriptions, offers credits to ease transition
Anthropic has blocked paid Claude subscribers from using the widely used open-source AI agent OpenClaw under their existing subscription plans, a move that took effect April 4 and has drawn pushback from subscribers who question both the cost implications and the company’s stated rationale. In an email to subscribers reviewed by InfoWorld, Anthropic said access…
AI, Exploits, Global Security News, Risk Management
Claude Code is still vulnerable to an attack Anthropic has already fixed
The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a vulnerability documented in the code. The vulnerability, revealed by AI security company Adversa, is that if Claude Code is presented with a command composed of more than 50 subcommands, then for subcommands after the 50th it will…
Cybersecurity, Exploits, Global Security News, malware
Claude Code source leak exploited to spread malware
A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versions of the software. Leaked Claude Code source code used as lure On March 31, 2026, Anthropic accidentally exposed online the source code of…
AI, Global Security News
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks.
Exploits, Global Security News, malware
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. […]
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Claude Code Leak Exposes AI Supply Chain Threats
A leak involving Anthropic’s Claude Code has drawn attention from the cybersecurity and developer communities, exposing internal components of the AI coding agent and introducing potential risks for organizations. “The significance of this leak is in what the code reveals about AI agent architecture. The leak exposed approximately 512,000 lines of TypeScript across roughly 1,900…
AI, Global Security News
Anthropic Leaks 512,000 Lines of Claude AI Code in Major Blunder
Human error exposed 512,000+ lines of Anthropic Claude AI Code, revealing KAIROS and Capybara secrets, pushing users to switch to the Native Installer.
Global Security News
Claude Code source code accidentally leaked in NPM package
Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. […]
AI, Data Breaches, Global Security News, Venture
Anthropic accidentally leaks Claude Code
Anthropic accidentally exposed Claude Code source via npm, causing the code to quickly spread online after discovery. Anthropic accidentally leaked the source code of its Claude Code tool after a large debug file was included in a public npm release. The file exposed over 500,000 lines of code, which were quickly discovered, shared, and analyzed…
Global Security News
Claude AI finds Vim, Emacs RCE bugs that trigger on file open
Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by opening a file. […]
AI, Global Security News
Anthropic cuts action approval loop, lets Claude Code make the call
Auto mode is a new permissions feature in the Claude Code system that allows the AI to make approval decisions on a user’s behalf while safeguards review actions before execution. The feature is available on Team plans and requires administrator approval before use, with support for Enterprise and API users expected soon. It runs on…
AI, Apps, Global Security News
Claude Code and Cowork can now use your computer
Anthropic’s Claude is getting a new feature that allows the AI model to use your computer to perform tasks automatically. Both Cowork and Code can then navigate the screen by pointing, clicking, and scrolling, open files, use the browser, and run development tools without the need for special integrations. The feature also supports the recently…
AI, Global Security News
Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
So, I’ve been slow to get on the Claude Code/OpenCode/Codex/OpenClaw bandwagon, but I had some time last week so I asked Claude to review (/security-review) some of my python scripts. He found more than I’d like to admit, so I checked in a bunch of updates. In reviewing his suggestions, he was right, I made…
GeekGuyBlog
Exploiting Claude: The Security Flaws Endangering Data Privacy
Discover the serious security flaws in Claude that threaten data privacy and learn how attackers could exploit them to breach enterprise systems.
AI, Global Security News
“Claudy Day” Flaws Allow Data Theft via Fake Claude AI Ads, Report
Researchers detail “Claudy Day” flaws in Claude AI that could enable data theft using fake Google Ads, hidden…
AI, Cybersecurity, Global Security News
ClickFix Attack Targets Devs with MacSync Malware via Fake Claude Tools
Cybersecurity researchers at 7AI have revealed a new Claude Fraud campaign in which hackers use fake AI extensions and Google ads to steal data from tech professionals.
AI, Global Security News
New Claude tool uses AI agents to find bugs in pull requests
Anthropic’s Claude Code Review is a new tool, available as a research preview beta for Team and Enterprise plans, that sends a team of AI agents to examine every pull request. “We needed a reviewer we could trust on every PR. Code Review is the result: deep, multi-agent reviews that catch bugs human reviewers often…
AI, Global Security News, malware
Fake Claude Code install pages highlight rise of “InstallFix” attacks
Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting it on a lookalike domain, and paying Google to surface those fake pages on the top…
AI, APAC, Exploits, Global Security News, Risk Management
Anthropic Claude Opus AI model discovers 22 Firefox bugs
Anthropic used Claude Opus 4.6 to identify 22 Firefox vulnerabilities, most of which were high severity, all of which were fixed in Firefox 148, released in January 2026. Anthropic discovered 22 security vulnerabilities in Firefox using its Claude Opus 4.6 AI model in January 2026. Mozilla addressed these issues in Firefox 148. The researchers state…
AI, Global Security News
The Race to Replace GPS
Plus, how Claude got so good at catching bugs and inside the rise of in-house AI evangelists.
AI, Global Security News, Government & Policy
Cyberattack on Mexico’s Gov’t Agencies Highlight AI Threat
Using Anthropic’s Claude, OpenAI’s ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencies and its citizens’ data.
AI, china, Global Security News, Government & Policy, Network Security, Risk Management
Anthropic AI ultimatums and IP theft: The unspoken risk
Two recent high-profile events concerning Anthropic’s Claude AI underscore a little-discussed risk at the heart of the enterprise’s rush to capitalize on leading AI capabilities. The first incident involved a China-based extraction campaign against Anthropic’s intellectual property. The second was the Trump administration’s banning of Claude for federal use after the company resisted US demands…
AI, Global Security News, Risk Management
Anthropic poaches users from rival chatbots with easier migration
The controversy over Anthropic’s negotiations with the Pentagon has driven increased interest in Claude. Negotiations between the Department of Defense and Anthropic collapsed after a deadline for an agreement expired without a deal. The Pentagon had pressed the company to loosen certain restrictions on how its AI systems could be used. Anthropic declined and kept…
Cybersecurity, Global Security News
CISOs in a Pinch: A Security Analysis of OpenClaw
Learn how Claude Code Security set Cybersecurity stocks on fire.
Global Security News
Anthropic confirms Claude is down in a worldwide outage
Claude appears to be having a major outage right now, with elevated errors reported across all platforms. […]
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Venture
Claude code abused to steal 150GB in cyberattack on Mexican agencies
Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The…
AI, Global Security News
Claude 3 snares itself regular writing gig
Claude Opus 3, which has been replaced by Claude Opus 4.6 as Anthropic’s most powerful AI model, has managed to find a new position. The “newly retired” AI model has launched its own Substack blog, Claude’s Corner, which it is aiming to publish it weekly. Claude set out its purpose in writing the blog: “My…
Global Security News
Claude Code Security Shows Promise, Not Perfection
Claude Code’s introduction rippled across the stock market, but researchers and analysts say its impact was overstated, as they peel back the layers.
AI, Global Security News
OpenAI’s Sam Altman Calls for De-Escalation in Anthropic Showdown With Hegseth
Anthropic has spent weeks at odds with the Pentagon over the scope of how its Claude AI tools can be used.
AI, Global Security News, Network Security, Risk Management
Untrusted repositories turn Claude code into an attack vector
Flaws in Anthropic’s Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories. Check Point Research team found multiple vulnerabilities in Anthropic’s Claude Code AI coding assistant that could lead to remote code execution and API key theft. The vulnerabilities abuse features such as Hooks, MCP servers, and…
AI, Cybersecurity, Exploits, Global Security News
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials. “The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing
Global Security News
Anthropic brings Claude Code to mobile devices
Anthropic has introduced a new Claude Code feature called Remote Control, allowing developers to continue a local coding session from a phone, tablet, or any web browser. The feature is rolling out as a research preview to Max users. This is another in a series of additions the company has introduced recently, following Claude Opus…
AI, Compliance, Global Security News
AI agent platforms could push down SaaS license costs, report argues
A suggestion by Anthropic that its Claude Code tool could be used to automate the modernization of an antediluvian programming language, COBOL, still an important sideline for IBM six decades after it was first deployed, sent IBM stock tumbling on Monday. The company suffered a 13.2% drop in its stock price, its biggest fall since…
AI, Global Security News, Risk Management
Anthropic Claims Chinese AI Firms ‘Distilled’ Claude to Train Their Models
Anthropic claims Chinese AI firms distilled Claude to train rival AI models, raising concerns about model extraction, security risks, and AI distillation abuse.
AI, Global Security News
Chinese AI Firms Hit Claude with Distillation Attacks, Anthropic Warns
Anthropic accused DeepSeek, Moonshot and MiniMax of illicitly using Claude to steal some of the AI model’s capabilities
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Anthropic’s Claude Code Security rollout is an industry wakeup call
When Anthropic launched a “limited research preview” of its Claude Code Security offering on Friday, Wall Street investors sent the stocks of the largest cybersecurity vendors plunging. But did the Anthropic rollout warrant such a reaction? After all, those companies, including CrowdStrike, Zscaler, Palo Alto Networks and Okta, are preparing their own agentic capabilities, and…