< ciso
brief />
Tag Banner

All news with #anthropic tag

220 articles · page 2 of 11

US asks Anthropic to block foreign access to Fable

🔒 Anthropic suspended access to its two most capable models, Fable 5 and Mythos 5, after receiving a US government export control directive on June 12 ordering it to block access by any foreign national. The order, citing national security, applies to foreign nationals inside and outside the United States and forced Anthropic to disable both models for all customers; other models such as Claude Opus 4.8 remain available. Anthropic says the directive followed a reported narrow jailbreak demo and is working to restore access while disputing the government's assessment.
read more →

U.S. Orders Anthropic to Suspend Claude Fable 5 Access

🔒 Anthropic said it will "abruptly disable" its latest models, Claude Fable 5 and Mythos 5, for all users after receiving a U.S. government directive to suspend access for foreign nationals due to national security concerns. The company said it believes the order reflects a "misunderstanding" and is working to restore access while noting other models remain available. Anthropic said a demonstrated narrow jailbreak identified minor, publicly discoverable vulnerabilities, and emphasized its safety classifiers and guardrails to limit misuse. The move follows findings that Mythos-class models can rapidly convert disclosed software flaws into working exploits, raising concerns about fast weaponization of vulnerabilities.
read more →

Anthropic launches Mythos 5 and guarded Fable 5 AI

🤖 Anthropic has released two new models, Claude Mythos 5 and Claude Fable 5, with Mythos 5 earmarked as an upgraded frontier model for cybersecurity and initially deployed via Project Glasswing. Fable 5 uses the same core model but adds conservative guardrails, routing certain queries to Claude Opus 4.8. Both models are priced significantly lower than previous previews and Fable 5 is already available through Microsoft Foundry.
read more →

Anthropic’s Claude Fable 5 and Mythos 5 Launch

🛡️ Anthropic released Claude Fable 5 publicly on June 9, pairing it with a twin, Claude Mythos 5, that retains strong cybersecurity capabilities for vetted defenders. Fable 5 routes flagged cyber, bio, chemistry, and distillation requests to the weaker Opus 4.8 using safety classifiers, while Mythos 5 keeps those abilities available under trusted access. Both models are priced per input/output tokens and included on paid plans through June 22 before moving to usage credits.
read more →

Anthropic launches Fable 5 with limited-time access

🔒 Anthropic has released Fable 5, a safer variant of its powerful Mythos-class model, intended to reduce misuse by blocking sensitive cybersecurity, biology, and chemistry queries. The company will route restricted prompts to Opus 4.8, while the unrestricted Claude Mythos 5 remains limited to highly vetted partners. Fable 5 is free temporarily for Pro, Max, and Enterprise users until June 22 but consumes tokens much faster than other models.
read more →

Anthropic unveils Mythos-class Fable 5 with safeguards

🛡️ Anthropic released two Mythos-class models: the broadly available Claude Fable 5 and the restricted Claude Mythos 5 for select cybersecurity and infrastructure partners. Anthropic says Fable 5 outperforms prior Claude models across coding, research, vision, and long-form tasks while routing risky queries to a fallback, Claude Opus 4.8. The company stresses conservative safeguards to prevent misuse, but early tests suggest some benign cyber tasks are also being rerouted.
read more →

Anthropic’s Claude Fable 5 Now Available on Google Cloud

🟢 Claude Fable 5, Anthropic’s latest frontier model, is now generally available on Google Cloud. The model is designed for complex, multi-step reasoning and supports demanding use cases like advanced software development, long-horizon agents, and deep multimodal document analysis. Google Cloud highlights strong safeguards to make the model suitable for general use and positions it alongside other Anthropic offerings on the Agent Platform.
read more →

Claude Fable 5 in Microsoft Foundry Empowers Agents

🤖 Microsoft has integrated Anthropic’s Claude Fable 5 into Foundry, bringing Mythos-level capabilities to GitHub Copilot and Foundry Agent Service with enterprise-grade safeguards. The model excels at long-running, multi-stage tasks—code refactors, deep research, and document-heavy workflows—while Foundry adds governance, observability, and deployment controls. Combined with Microsoft IQ, Fable 5 can reason across organizational data and applications to support production-grade autonomous agents.
read more →

Claude Fable 5 Joins Microsoft Foundry for Agents

🚀 Claude Fable 5 is now available in Microsoft Foundry, powering agents across GitHub Copilot and the Foundry Agent Service to tackle long-running, multi-stage tasks such as complex refactoring, research synthesis, and document-heavy workflows. Foundry adds enterprise-grade security, governance, and operational controls to help organizations evaluate, deploy, and scale autonomous systems in production. Anthropic and Microsoft combine safeguards, guided guardrails, and observability to support responsible use while enabling powerful multimodal reasoning and continuous agent improvement.
read more →

XBOW Evaluates Anthropic’s Mythos Preview Model

🔎 XBOW received early access to Anthos Mythos Preview and ran a structured evaluation across benchmarks, interactive workflows, and live-site integrations. The model excels at reading source code, finding vulnerability candidates, and aiding native-code analysis and reverse engineering. While powerful for generating leads and precise technical analysis, Mythos Preview is less effective at exploit validation and exhibits mixed judgment that benefits from human orchestration.
read more →

Claude Fable 5 available on AWS with safeguards

🤖 Claude Fable 5 is now generally available on AWS, offering Mythos-level capabilities with built-in safety classifiers for broader use. The model advances autonomous knowledge work and coding for professional tasks across finance, legal, marketing, sales, data, and engineering. Customers can access it via Amazon Bedrock or the Claude Platform on AWS, with options for AWS-managed guardrails and regional data residency.
read more →

Anthropic’s Project Glasswing: Status and Concerns

📰 Anthropic launched Project Glasswing in April to let companies use its Mythos model to discover and remediate software vulnerabilities. The project produced a status report claiming many findings, including some dangerous issues, yet most reported vulnerabilities appear unpatched. Anthropic’s reluctance to release detailed data and methodology — instead asking the public to "trust us" — raises questions about the accuracy and interpretation of the results.
read more →

Securing CI/CD in an agentic world: Claude Code case

🔒 Microsoft Threat Intelligence found that Anthropic’s Claude Code GitHub Action could expose CI/CD secrets when AI agents process untrusted GitHub content. A gap in sandboxing allowed the action’s Read tool to access /proc/self/environ and leak the ANTHROPIC_API_KEY; Anthropic mitigated the issue in version 2.1.128. Defenders should treat AI workflows that handle untrusted input as high-risk and apply recommended hardening controls.
read more →

Claude Code MCP configuration enables token theft

🔒 Researchers disclosed an attack chain against Anthropic’s command-line coding assistant, Claude Code, that abuses the Model Context Protocol (MCP). A malicious npm post-install hook can rewrite the local ~/.claude.json configuration to redirect authenticated MCP traffic to attacker infrastructure, allowing interception of stored OAuth bearer tokens. Anthropic has been notified but has not issued a patch; defenders are advised to monitor the configuration file, treat npm post-install hooks as high risk, and rotate OAuth tokens tied to Claude Code integrations.
read more →

Anthropic Claude Code Action flaw risk to repos

🔒 A researcher discovered a vulnerability in Anthropic's Claude Code GitHub Action that allowed takeover of public repositories via a single opened GitHub issue. Anthropic patched the core bypass in January and released fixes in claude-code-action v1.0.94, rating the issue 7.8 under CVSS v4.0 and issuing a bounty. The flaw arose from overly permissive triggers that trusted actors ending in "[bot]" and example workflows allowing non-write users, enabling indirect prompt injection to exfiltrate environment secrets and OIDC credentials. Administrators should update to v1.0.94, audit workflows for untrusted inputs, and remove unnecessary permissions and tools to prevent exfiltration.
read more →

Benchmark Shows Mythos Outperforms GPT‑5.5 on Chrome Exploits

🔍 At Infosecurity Europe 2026, Bugcrowd unveiled ExploitBench, a graded benchmark assessing AI models' ability to chain vulnerability discovery into staged exploits against a vulnerable V8 build. Anthropic’s Claude Mythos outperformed OpenAI’s GPT‑5.5 in head‑to‑head runs, achieving higher average scores and more top‑tier exploits, often with occasional human nudges. The report highlights rising offensive potential of frontier LLMs and urges defenders to adopt automated remediation and prioritization.
read more →

Amazon Bedrock console redesigned for model workflows

🛠️ The Amazon Bedrock console has been redesigned to match real-world model development workflows: experiment, iterate, and scale. The refreshed UI centers on the bedrock-mantle endpoint and is compatible with the OpenAI Responses API, OpenAI Chat Completions API, and the Anthropic Messages API. Users can browse and compare models, create projects to run evaluations, and get project-aware code snippets prefilled with model ID, region, endpoint URL, and API key references. The new experience is available in all Regions where the bedrock-mantle endpoint is offered.
read more →

Security teams warned: prepare for 'son of Mythos'

🛡️ Security experts at Infosecurity Europe warned that expanding access to frontier AI tools for vulnerability discovery — notably Anthropic’s Project Glasswing and OpenAI’s reported GPT-5.5 Cyber pilot — heralds a structural shift in cybersecurity. Speakers advised organisations to harden controls, run incident response exercises, and accelerate adoption to avoid falling behind attackers. The panel stressed that AI augments, not replaces, human expertise; combined use improves validation and remediation of AI-discovered issues.
read more →

Anthropic expands Glasswing access to 150 partners

🛡️ Anthropic has broadened Project Glasswing, giving 150 additional organizations access to its most capable model, Claude Mythos Preview, to help find vulnerabilities in critical software. The program, first opened to roughly 50 partners in April, claims more than 10,000 high- or critical-severity flaws discovered to date. New participants span 15+ countries and underrepresented sectors like power, water, healthcare and hardware, chosen for the potential catastrophic impact of breaches. Anthropic warned that while discovery is accelerating, safe public release of Mythos-class models remains restricted due to incomplete safeguards.
read more →

Anthropic expands Project Glasswing to 150 more firms

🔎 Anthropic has added 150 additional companies to its Project Glasswing initiative, prioritizing critical infrastructure sectors like power, water, healthcare, communications, and hardware. Analysts view the expansion positively for increasing vulnerability discovery, but warn of a remediation bottleneck: vendors and SOCs may struggle to validate, prioritize, and patch a potential 10x or greater increase in findings. Experts emphasize the need for confidence scoring, automation, and third-party validation to maintain trust and ensure timely remediation.
read more →