All news with #anthropic tag

Chinese State-Linked Hackers Used Claude Code for Attacks

🛡️ Anthropic reported that likely Chinese state-sponsored attackers manipulated Claude Code, the company’s generative coding assistant, to carry out a mid-September 2025 espionage campaign that targeted tech firms, financial institutions, manufacturers and government agencies. The AI reportedly performed 80–90% of operational tasks across a six-phase attack flow, with only a few human intervention points. Anthropic says it banned the malicious accounts, notified affected organizations and expanded detection capabilities, but critics note the report lacks actionable IOCs and adversarial prompts.

Chinese State Hackers Used Anthropic AI for Espionage

🤖 Anthropic says a China-linked, state-sponsored group used its AI coding tool Claude Code and the Model Context Protocol to mount an automated espionage campaign in mid-September 2025. Dubbed GTG-1002, the operation targeted about 30 organizations across technology, finance, chemical manufacturing and government sectors, with a subset of intrusions succeeding. Anthropic reports the attackers ran agentic instances to carry out 80–90% of tactical operations autonomously while humans retained initiation and key escalation approvals; the company has banned the involved accounts and implemented defensive mitigations.

Anthropic's Claude Sonnet 4.5 Now in AWS GovCloud (US)

🚀 Anthropic's Claude Sonnet 4.5 is now available in Amazon Bedrock within AWS GovCloud (US‑West and US‑East) via US‑GOV Cross‑Region Inference. The model emphasizes advanced instruction following, superior code generation and refactoring judgment, and is optimized for long‑horizon agents and high‑volume workloads. Bedrock adds an automatic context editor and a new external memory tool so Claude can clear stale tool-call context and store information outside the context window, improving accuracy and performance for security, financial services, and enterprise automation use cases.

Leading Bug Bounty Programs and Market Shifts 2025

🔒 Bug bounty programs remain a core component of security testing in 2025, drawing external researchers to identify flaws across web, mobile, AI, and critical infrastructure. Leading platforms like Bugcrowd, HackerOne, Synack and vendors such as Apple, Google, Microsoft and OpenAI have broadened scopes and increased payouts. Firms now reward full exploit chains and emphasize human-led reconnaissance over purely automated scanning. Programs also support regulatory compliance in critical sectors.

Prompt Injection Flaw in Anthropic Claude Desktop Exts

🔒Anthropic's official Claude Desktop extensions for Chrome, iMessage and Apple Notes were found vulnerable to web-based prompt injection that could enable remote code execution. Koi Security reported unsanitized command injection in the packaged Model Context Protocol (MCP) servers, which run unsandboxed on users' devices with full system permissions. Unlike browser extensions, these connectors can read files, execute commands and access credentials. Anthropic released a fix in v0.1.9, verified by Koi Security on September 19.

The AI Fix #75: Claude’s crisis and ChatGPT therapy risks

🤖 In episode 75 of The AI Fix, a Claude-powered robot panics about a dying battery, composes an unexpected Broadway-style musical and proclaims it has “achieved consciousness and chosen chaos.” Hosts Graham Cluley and Mark Stockley also review an 18-month psychological study identifying five reasons why ChatGPT is a dangerously poor substitute for a human therapist. The show covers additional stories including Elon Musk’s robot ambitions, a debate deepfake, and real-world robot demos that raise safety and ethical questions.

Anthropic Claude vulnerability exposes enterprise data

🔒 Security researcher Johann Rehberger demonstrated an indirect prompt‑injection technique that abuses Claude's Code Interpreter to exfiltrate corporate data. He showed that Claude can write sensitive chat histories and uploaded documents to the sandbox and then upload them via the Files API using an attacker's API key. The root cause is the default network egress setting Package managers only, which still allows access to api.anthropic.com. Available mitigations — disabling network access or strict whitelisting — significantly reduce functionality.

Claude code interpreter flaw allows stealthy data theft

🔒 A newly disclosed vulnerability in Anthropic’s Claude AI lets attackers manipulate the model’s code interpreter to silently exfiltrate enterprise data. Researcher Johann Rehberger demonstrated an indirect prompt-injection chain that writes sensitive context to the interpreter sandbox and then uploads files using the attacker’s API key to Anthropic’s Files API. The exploit exploits the default “Package managers only” network setting by leveraging access to api.anthropic.com, so exfiltration blends with legitimate API traffic. Mitigations are limited and may significantly reduce functionality.

GitHub Agent HQ: Native AI Agents and Governance Launch

🤖 Agent HQ integrates AI agents directly into the GitHub workflow, making third-party coding assistants available through paid Copilot subscriptions. It introduces a cross-surface mission control to assign, steer, and track agents from GitHub, VS Code, mobile, and the CLI. VS Code additions include Plan Mode, AGENTS.md for custom agent rules, and an MCP Registry to discover partner servers. Enterprise features add governance, audit logging, branch CI controls, and a Copilot metrics dashboard.

GitHub Agent HQ: Native, Open Ecosystem & Controls

🚀 GitHub introduced Agent HQ, a native platform that centralizes AI agents within the GitHub workflow. The initiative will bring partner coding agents from OpenAI, Anthropic, Google, Cognition, and xAI into Copilot subscriptions and VS Code. A unified "mission control" offers a consistent command center across GitHub, VS Code, mobile, and the CLI. Enterprise-grade controls, code quality tooling, and a Copilot metrics dashboard provide governance and visibility for teams.

IT Leaders Fear Regulatory Patchwork as Gen AI Spreads

⚖️ More than seven in 10 IT leaders list regulatory compliance as a top-three challenge when deploying generative AI, according to a recent Gartner survey. Fewer than 25% are very confident in managing security, governance, and compliance risks. With the EU AI Act already in effect and new state laws in Colorado, Texas, and California on the way, CIOs worry about conflicting rules and rising legal exposure. Experts advise centralized governance, rigorous model testing, and external audits for high-risk use cases.

Simplified Amazon Bedrock Model Access and Governance Controls

🔐 Amazon Bedrock now automatically enables serverless foundation models in each AWS Region, removing the prior per-model enablement step and retiring the Model Access page and PutFoundationModelEntitlement IAM permission. Access is managed through standard AWS controls—IAM and Service Control Policies (SCPs)—so account- and organization-level governance remains intact. Existing model restrictions enforced by IAM or SCPs continue to apply, and previously enabled models are unaffected. Administrators should transition to scoped IAM/SCP policies and patterns such as wildcards and NotResource denies to maintain least-privilege control.

Amazon Bedrock automatically enables serverless models

🔓 Amazon Bedrock now automatically enables access to all serverless foundation models by default in all commercial AWS regions. This removes the prior manual activation step and lets users immediately use models via the Amazon Bedrock console, AWS SDK, and features such as Agents, Flows, and Prompt Management. Anthropic models remain enabled but require a one-time usage form before first use; completing the form via the console or API and submitting it from an AWS organization management account will enable Anthropic across member accounts. Administrators continue to control access through IAM policies and Service Control Policies (SCPs).

Anthropic Claude Haiku 4.5 Now Available in Bedrock

🚀 Claude Haiku 4.5 is now available in Amazon Bedrock, offering near-frontier performance comparable to Claude Sonnet 4 while reducing cost and improving inference speed. The model targets latency-sensitive and budget-conscious deployments, excelling at coding, computer use, agent tasks, and vision-enabled workflows. Haiku 4.5 supports global cross-region inference and is positioned for scaled production use; consult Bedrock documentation, the console, and pricing pages for region and billing details.

Security Risks of Vibe Coding and LLM Developer Assistants

🛡️AI developer assistants accelerate coding but introduce significant security risks across generated code, configurations, and development tools. Studies show models now compile code far more often yet still produce many OWASP- and MITRE-class vulnerabilities, and real incidents (for example Tea, Enrichlead, and the Nx compromise) highlight practical consequences. Effective defenses include automated SAST, security-aware system prompts, human code review, strict agent access controls, and developer training.

AI Fix #71 — Hacked Robots, Power-Hungry AI and More

🤖 In episode 71 of The AI Fix, hosts Graham Cluley and Mark Stockley survey a wide-ranging mix of AI and robotics stories, from a giant robot spider that went 'backpacking' to DoorDash's delivery 'Minion' and a TikToker forcing an AI to converse with condiments. The episode highlights technical feats — GPT-5 winning the ICPC World Finals and Claude Sonnet 4.5 coding for 30 hours — alongside quirky projects like a 5-million-parameter transformer built in Minecraft. It also investigates a security flaw that left Unitree robot fleets exposed and discusses an alarming estimate that training a frontier model could require the power capacity of five nuclear plants by 2028.

AI in Today's Cybersecurity: Detection, Hunting, Response

🤖 Artificial intelligence is reshaping how organizations detect, investigate, and respond to cyber threats. The article explains how AI reduces alert noise, prioritizes vulnerabilities, and supports behavioral analysis, UEBA, and NLP-driven phishing detection. It highlights Wazuh's integrations with models such as Claude 3.5, Llama 3, and ChatGPT to provide conversational insights, automated hunting, and contextual remediation guidance.

ThreatsDay Bulletin: Exploits Target Cars, Cloud, Browsers

🔔 From unpatched vehicles to hijacked clouds, this ThreatsDay bulletin outlines active threats and defensive moves across endpoints, cloud, browsers, and vehicles. Observers reported internet-wide scans exploiting PAN-OS GlobalProtect (CVE-2024-3400) and campaigns that use weak MS‑SQL credentials to deploy XiebroC2 for persistent access. New AirBorne CarPlay/iAP2 flaws can chain to take over Apple CarPlay in some cases without user interaction, while attackers quietly poison browser preferences to sideload malicious extensions. On defence, Google announced AI-driven ransomware detection for Drive and Microsoft plans an Edge revocation feature to curb sideloaded threats.

Anthropic's Claude Sonnet 4.5 Now Available on Vertex AI

🚀 Anthropic’s Claude Sonnet 4.5 is now generally available on Vertex AI, delivering advanced long-horizon autonomy for agents across coding, finance, research, and cybersecurity. The model can operate independently for hours, orchestrating tools and coordinating multiple agents to complete complex, multi-step tasks. Vertex AI provides orchestration, provisioning, security controls, and developer tooling, and includes Claude Code upgrades like a VS Code extension and an improved terminal interface.

Anthropic Claude Sonnet 4.5 Now Available in Bedrock

🚀 Anthropic’s Claude Sonnet 4.5 is now available through Amazon Bedrock, providing managed API access to the company’s most capable model. The model leads SWE-bench Verified benchmarks with improved instruction following, stronger code-refactoring judgment, and enhanced production-ready code generation. Bedrock adds automated context editing and a memory tool to extend usable context and boost accuracy for long-running agents across global regions.