ciso brief

All news with #anthropic tag

172 articles

Anthropic's Mythos model edging toward public release

🛡️ Anthropic appears to be preparing a public rollout of its restricted Mythos model, which the company warned poses major security risks by automating high-quality cyberattacks. Announced in April as an advanced frontier model, Mythos showed dramatic improvements in code reasoning and autonomy compared to Opus 4.7. References briefly appeared in Claude Code and Claude Security, suggesting a controlled preview, while Anthropic builds guardrails and works with partners through its Glasswing initiative.

Anthropic's Mythos Finds 10,000+ High Severity Flaws

🔎 Anthropic disclosed that Project Glasswing and access to Claude Mythos Preview helped partners uncover over 10,000 high- or critical-severity vulnerability candidates across widely used, systemically important software since last month. Analysis verified 1,726 true positives, including 1,094 high- or critical-severity flaws, and resulted in 97 upstream patches and 88 advisories. One notable finding was a critical WolfSSL flaw (CVE-2026-5194).

Cloudflare CASB Adds Claude Compliance API Support

🔒 Cloudflare has extended its Cloud Access Security Broker (CASB) to support the Claude Compliance API, enabling security and compliance teams to monitor Claude Enterprise activity directly in the Cloudflare dashboard without endpoint agents. The integration surfaces security findings for projects, attachments, chat files, messages, and provider-generated artifacts, and groups findings by category and severity. Customers can immediately convert findings into enforcement actions via Gateway policies and use existing detection and remediation workflows. Setup requires a Claude Enterprise account and Compliance API access, and the integration begins scanning and surfacing findings within minutes.

macOS Kernel Memory Corruption Exploit Reported

🔒 A security report details how a group used Anthropic’s Mythos AI model to discover a kernel memory corruption vulnerability and develop an exploit targeting Apple’s M5 platform. The report, posted on May 21, 2026, summarizes the incident and highlights the implications for macOS security and the role of advanced AI tools in vulnerability discovery, focusing on the exploit’s origin and significance.

Amazon Bedrock adds request-level usage attribution

🛈 Amazon Bedrock now supports request-level usage attribution on the InvokeModel and InvokeModelWithResponseStream APIs, enabling customers to tag individual model inference calls with attributes such as team, project, and environment. This capability extends existing attribution options like application inference profiles, IAM principal attribution, project-level tracking on bedrock-mantle, and workspace tracking for Anthropic Claude models. Customers can enable model invocation logging in their AWS Region and include metadata in requests to analyze usage in Bedrock model invocation logs. The feature is available in all AWS commercial Regions where Amazon Bedrock is offered.

Cloudflare Integrates Claude Managed Agents with Sandboxes

🚀 Cloudflare and Anthropic have integrated Claude Managed Agents with Cloudflare Sandboxes, allowing teams to run the Claude agent loop on Anthropic while Cloudflare executes code, secures connections, and provides detailed observability. A default deployment template offers enhanced security through customizable outbound proxies, sandbox metrics and logs, SSH access, and configurable sandbox images. You can choose traditional microVMs or lightweight V8 isolates to optimize for performance and cost, and use Cloudflare Mesh or Workers VPC to connect agents to private services without exposing them to the Internet.

Cloudflare Findings on Frontier Cybersecurity LLMs

🔍 Cloudflare tested security-focused LLMs on its infrastructure and reports detailed findings from using Anthropic’s Mythos Preview as part of Project Glasswing. The model stood out for exploit chain construction and automated proof generation, producing runnable PoCs and iterating on failures. Its emergent guardrails proved inconsistent across runs and prompts, so Cloudflare built a tailored harness and additional safeguards to scale safely. The team also observed higher-quality, actionable findings compared with earlier frontier models, but noted increased noise from memory-unsafe languages and model bias.

Assessing the Risks of Anthropic’s Mythos AI Capabilities

🔍 Anthropic’s announcement that Claude Mythos Preview will not be released publicly underscores both genuine capability and strategic constraint. Independent testing and reproductions suggest similar performance from OpenAI’s GPT-5.5 and smaller community models, while Mythos’ cost and corporate incentives shape access. These generative systems dramatically improve automated vulnerability discovery, empowering both attackers and defenders. Mozilla’s use found 271 flaws, but many devices remain unpatchable, so organizations must adapt quickly.

Palo Alto Networks Expands Frontier AI Defense Alliance

🛡️ Palo Alto Networks is expanding its Frontier AI Alliance to scale delivery of autonomous, real-time defenses. Building on the Frontier AI Defense initiative and recent testing of frontier models (including Anthropic’s Mythos, Claude Opus 4.7, and OpenAI’s GPT-5.5-Cyber), the company has added a new cohort of strategic partners. By pairing Palo Alto Networks’ technology with partners’ consulting expertise, the program aims to deliver AI readiness at scale and machine-speed MTTR to customers.

Defender's Guide: Frontier AI Impact on Cybersecurity

🔒 Palo Alto Networks reports ongoing testing of frontier AI models, including Anthropic and OpenAI, finding they rapidly surface code vulnerabilities and potential exploit paths. In the May 'Patch Wednesday' advisories the majority of findings originated from these AI scans, prompting broad rescanning and remediation. The company warns of a narrow three-to-five-month window before AI-driven exploits spread and offers Unit 42 services to help organizations respond.

When China's AI Catches Up: Mythos and Global Risks

🔒 Anthropic's Mythos Preview, shared last month with a limited set of security partners, has demonstrated the ability to autonomously find zero-day vulnerabilities across major operating systems and browsers. Anthropic paired the release with Project Glasswing and $100 million in usage credits to help defenders, but reports of unauthorized access and denied requests from Chinese entities have already emerged. The development challenges the assumption of a durable US lead and has injected cybersecurity into high-level US–China summit talks, prompting urgent questions about access, regulation, and international cooperation.

Malicious Claude Code Installer Steals Browser Keys

🛡️ Researchers at Ontinue warn that attackers are impersonating Anthropic’s Claude Code installer to deploy a previously undocumented PowerShell loader that evades detection and extracts browser encryption material. The campaign swaps the legitimate one-line install command for an attacker-controlled PowerShell chain, establishing stealthy persistence and exfiltration. It also abuses Chrome’s IElevator2 elevation interface to recover Application-Bound Encryption (ABE) keys introduced in Chrome 127.

Anthropic's Claude Platform Now Generally Available on AWS

🚀 AWS announced general availability of Claude Platform on AWS, enabling customers to access Anthropic’s native Claude experience directly through their AWS accounts. The service is operated by Anthropic and processes customer data outside the AWS security boundary, while integrating with existing IAM, consolidated billing, and CloudTrail for visibility. It includes APIs, console access, early beta features, and capabilities such as Claude Managed Agents, web search, code execution, files API, and prompt tools.

Fake Claude Code Installer Steals Browser Credentials

🔒 Ontinue detailed a campaign distributing a previously undocumented information stealer via fake Claude Code install pages that hijack Chromium browsers to bypass App-Bound Encryption and exfiltrate cookies, passwords and payment data from developer workstations. The lure replaced the canonical Anthropic host with an attacker-controlled domain while /install.ps1 returned a verbatim genuine installer, so automated scanners saw only benign PowerShell. A native helper is reflectively injected into browser processes to invoke the IElevator2 COM interface and extract encryption keys, while the PowerShell layer handles persistence, collection and C2 communications. Defenders are urged to enforce constrained PowerShell, enable script block logging and block newly registered domains.

Lyrie.ai Joins Anthropic CVP, Releases Open ATP Standard

🔒 OTT Cybersecurity LLC — the team behind Lyrie.ai — announced acceptance into Anthropic’s Cyber Verification Program and the public release of the Agent Trust Protocol (ATP). ATP is an open cryptographic standard that enables real-time verification of an AI agent’s identity, authorized scope, attestation status, delegation, and revocation. The protocol is royalty-free, slated for IETF submission, and a reference implementation is published under an MIT license. Lyrie positions itself as the security layer for autonomous AI agents operating on the internet.

Claude in Chrome vulnerability lets other extensions hijack

⚠️ Researchers at LayerX Security disclosed a flaw dubbed ClaudeBleed in Anthropic’s Claude in Chrome extension that lets other extensions inject scripts and commandeer the assistant. The issue stems from an exposed messaging interface that trusts origins instead of execution context, enabling zero-permission extensions to issue prompts and perform cross-site actions. Anthropic released a partial patch (v1.0.70) on May 6; LayerX urges stronger mitigations.

Commercial LLMs Used in Attack on Mexican Water Utility

⚠ OpenAI and Anthropic models were used by attackers in a cyber-attack that targeted a municipal water and drainage utility in the Monterrey metropolitan area, Dragos reports. The incident, which unfolded between December 2025 and February 2026, involved roughly 350 artifacts, many of them AI-generated malicious scripts used as offensive tooling. According to the report, Anthropic's Claude served as the primary technical executor—handling prompt-and-response interactions, intrusion planning and deployment—while OpenAI's GPT models were used for analytical tasks and generating Spanish-language outputs. Although the OT breach was ultimately unsuccessful, Dragos warns the campaign demonstrates how commercial LLMs can accelerate and refine attacks against operational environments and recommends tighter remote access policies and stronger authentication controls.

Fake Claude Site Distributes Beagle Backdoor to Windows

🔒 A fraudulent imitation of Anthropic's Claude hosted at claude-pro[.]com distributed a roughly 505 MB ZIP claiming to contain a "Claude-Pro Relay" tool, according to Sophos X-Ops. The MSI installer drops three items into the startup folder: a signed G DATA updater renamed NOVupdate.exe, an encrypted data file and a malicious avk.dll; when the updater runs it sideloads avk.dll, which decrypts shellcode and uses DonutLoader to load the Beagle backdoor. Sophos traced related samples to February–March 2026 and noted the campaign used Cloudflare for distribution while hosting C2 infrastructure on Alibaba Cloud.

US Agency to Safety-Test Frontier AI Models Pre-Release

🔒 The Center for AI Standards and Innovation (CAISI), part of the Department of Commerce’s NIST, has secured agreements with Google DeepMind, Microsoft, and xAI to conduct pre-deployment evaluations and targeted research on frontier AI models. These accords expand an existing program that already includes Anthropic and OpenAI and are intended to provide vendors with safety feedback before public release. Microsoft described the partnerships as essential to building trust in advanced systems, while CAISI emphasized continuous evaluation to advance AI security and standards.

Defending Against Attacks from Frontier AI Models: Readiness

🔒 A new generation of frontier AI models is changing how cyberattacks are developed, enabling speed, scale, and accessibility previously unseen. Early testing of advanced models, including Claude’s Mythos, shows they can identify code vulnerabilities, map attack paths, and generate working exploits with minimal effort. Organizations must treat these as fully AI-powered attacks and prioritize proactive readiness, detection, and mitigation strategies.