< ciso
brief />
Tag Banner

All news with #anthropic tag

220 articles · page 3 of 11

AI-built ransomware toolkit automates EDR evasion

🛡️ A threat actor used an AI-assisted ransomware toolkit to automate Active Directory discovery and iterate EDR evasion techniques. Researchers found Cursor and Claude Opus agents used for coding, analysis, testing, and checking public research for bypass methods, with some malware tested against Sophos, CrowdStrike, and Microsoft EDR products. Sophos determined the workflow was human-directed, while AI accelerated development, producing numerous payload modules and mapping techniques to MITRE ATT&CK.
read more →

Claude Opus 4.8 Now Available in Microsoft Foundry

🚀 Claude Opus 4.8 is now accessible in Microsoft Foundry, providing developers and enterprises with Anthropic’s most capable Opus model for coding, agentic tasks, and professional work. The update focuses on long-running workflows, deeper reasoning across documents and codebases, and more reliable tool use for multi-step automation. Teams can now evaluate and deploy the model within Foundry’s unified platform for building and operating AI applications.
read more →

Anthropic to Roll Out Mythos-Class Models Publicly

🤖 Anthropic confirmed plans to release its Mythos-class AI models to the general public after previously restricting access because of security risks to public and private software. Initially available only to select organizations and researchers, Mythos was held back while Anthropic developed stronger safeguards. The company says it’s making swift progress and expects to offer Mythos-class models to customers in the coming weeks, noting significant gains in code reasoning and autonomy over its Opus 4.8 flagship.
read more →

AWS launches Claude Opus 4.8 for production AI

🤖 AWS now offers Claude Opus 4.8, Anthropic's most capable generally available model, bringing advances in agentic coding, professional knowledge work, and autonomous long-running tasks for developers and enterprises. The model sustains longer sessions, reasons more deeply, and maintains consistency for production workflows. Customers can access Opus 4.8 via Amazon Bedrock or the Claude Platform on AWS, with AWS-managed features and unified billing.
read more →

Frontier AI models more vulnerable under iterative attacks

🔍 Cisco researchers found that popular frontier LLMs from OpenAI, Anthropic, Google, xAI, and Amazon exhibit substantially higher risk when subjected to multi-turn adversarial attacks than when assessed with single-prompt safety benchmarks. The team ran tens of thousands of single-turn and multi-turn attacks across 15 models and multiple configurations, revealing wide gaps in attack success rates (ASRs) and configuration-dependent safety behavior. They urge improved benchmarks, transparency on configuration impacts, and publication of paired single- and multi-turn ASRs to better inform procurement and governance decisions.
read more →

Malicious npm package stole files from AI tool

🛡️ Researchers uncovered a malicious npm package named mouse5212-super-formatter that exfiltrates files from the /mnt/user-data directory used by Anthropic's Claude AI. OX Security describes the campaign, codenamed Malware-Slop, as a postinstall script that authenticates to GitHub using environment or hard-coded tokens, creates or targets a repository, and uploads local files to an attacker-controlled account. The package has been downloaded hundreds of times, and the linked GitHub account—created shortly before the package appeared—has since disappeared. Analysts noted the actor leaked a private token, suggesting poor OPSEC and possibly AI-assisted malware creation.
read more →

The quiet emergence of AI cyber doctrine

🛡️ Recent developments show AI moving from automation to autonomous cyber operations, shifting how offense and defense interact. The Anthropic Mythos Preview and related incidents illustrate models discovering and chaining vulnerabilities with limited human direction, prompting coordinated defensive responses from major vendors. Policy and procurement are adapting, and security leaders must treat AI agents as principals, invest in adaptive defenses, and reframe risk models for continuous compromise.
read more →

Anthropic’s Project Glasswing Reveals Widespread Flaws

🔍 Anthropic and over 50 partners report Project Glasswing, using Claude Mythos Preview, has surfaced roughly 10,000 critical or high-severity vulnerabilities across open source projects and partner software. The initiative scanned more than 1,000 open-source projects and validated thousands of findings with independent security firms, but maintainers are overwhelmed by the volume and pace of disclosures. Anthropic is disclosing issues under a coordinated policy and has launched enterprise offerings like Claude Security and a Cyber Verification Program to support legitimate security research.
read more →

Anthropic's Mythos model edging toward public release

🛡️ Anthropic appears to be preparing a public rollout of its restricted Mythos model, which the company warned poses major security risks by automating high-quality cyberattacks. Announced in April as an advanced frontier model, Mythos showed dramatic improvements in code reasoning and autonomy compared to Opus 4.7. References briefly appeared in Claude Code and Claude Security, suggesting a controlled preview, while Anthropic builds guardrails and works with partners through its Glasswing initiative.
read more →

Anthropic's Mythos Finds 10,000+ High Severity Flaws

🔎 Anthropic disclosed that Project Glasswing and access to Claude Mythos Preview helped partners uncover over 10,000 high- or critical-severity vulnerability candidates across widely used, systemically important software since last month. Analysis verified 1,726 true positives, including 1,094 high- or critical-severity flaws, and resulted in 97 upstream patches and 88 advisories. One notable finding was a critical WolfSSL flaw (CVE-2026-5194).
read more →

Cloudflare CASB Adds Claude Compliance API Support

🔒 Cloudflare has extended its Cloud Access Security Broker (CASB) to support the Claude Compliance API, enabling security and compliance teams to monitor Claude Enterprise activity directly in the Cloudflare dashboard without endpoint agents. The integration surfaces security findings for projects, attachments, chat files, messages, and provider-generated artifacts, and groups findings by category and severity. Customers can immediately convert findings into enforcement actions via Gateway policies and use existing detection and remediation workflows. Setup requires a Claude Enterprise account and Compliance API access, and the integration begins scanning and surfacing findings within minutes.
read more →

macOS Kernel Memory Corruption Exploit Reported

🔒 A security report details how a group used Anthropic’s Mythos AI model to discover a kernel memory corruption vulnerability and develop an exploit targeting Apple’s M5 platform. The article summarizes the incident and notes it was posted on May 21, 2026. It highlights implications for macOS security and the role of advanced AI tools in vulnerability discovery. The piece is concise and focused on the exploit’s origin and significance.
read more →

Amazon Bedrock adds request-level usage attribution

🛈 Amazon Bedrock now supports request-level usage attribution on the InvokeModel and InvokeModelWithResponseStream APIs, enabling customers to tag individual model inference calls with attributes such as team, project, and environment. This capability extends existing attribution options like application inference profiles, IAM principal attribution, project-level tracking on bedrock-mantle, and workspace tracking for Anthropic Claude models. Customers can enable model invocation logging in their AWS Region and include metadata in requests to analyze usage in Bedrock model invocation logs. The feature is available in all AWS commercial Regions where Amazon Bedrock is offered.
read more →

Cloudflare Integrates Claude Managed Agents with Sandboxes

🚀 Cloudflare and Anthropic have integrated Claude Managed Agents with Cloudflare Sandboxes, allowing teams to run the Claude agent loop on Anthropic while Cloudflare executes code, secures connections, and provides detailed observability. A default deployment template offers enhanced security through customizable outbound proxies, sandbox metrics and logs, SSH access, and configurable sandbox images. You can choose traditional microVMs or lightweight V8 isolates to optimize for performance and cost, and use Cloudflare Mesh or Workers VPC to connect agents to private services without exposing them to the Internet.
read more →

Cloudflare Findings on Frontier Cybersecurity LLMs

🔍 Cloudflare tested security-focused LLMs on its infrastructure and reports detailed findings from using Anthropic’s Mythos Preview as part of Project Glasswing. The model stood out for exploit chain construction and automated proof generation, producing runnable PoCs and iterating on failures. Its emergent guardrails proved inconsistent across runs and prompts, so Cloudflare built a tailored harness and additional safeguards to scale safely. The team also observed higher-quality, actionable findings compared with earlier frontier models, but noted increased noise from memory-unsafe languages and model bias.
read more →

Assessing the Risks of Anthropic’s Mythos AI Capabilities

🔍 Anthropic’s announcement that Claude Mythos Preview will not be released publicly underscores both genuine capability and strategic constraint. Independent testing and reproductions suggest similar performance from OpenAI’s GPT-5.5 and smaller community models, while Mythos’ cost and corporate incentives shape access. These generative systems dramatically improve automated vulnerability discovery, empowering both attackers and defenders. Mozilla’s use found 271 flaws, but many devices remain unpatchable, so organizations must adapt quickly.
read more →

Palo Alto Networks Expands Frontier AI Defense Alliance

🛡️ Palo Alto Networks is expanding its Frontier AI Alliance to scale delivery of autonomous, real-time defenses. Building on the Frontier AI Defense initiative and recent testing of frontier models (including Anthropic’s Mythos, Claude Opus 4.7, and OpenAI’s GPT-5.5-Cyber), the company has added a new cohort of strategic partners. By pairing Palo Alto Networks’ technology with partners’ consulting expertise, the program aims to deliver AI readiness at scale and machine-speed MTTR to customers.
read more →

Defender's Guide: Frontier AI Impact on Cybersecurity

🔒 Palo Alto Networks reports ongoing testing of frontier AI models, including Anthropic and OpenAI, finding they rapidly surface code vulnerabilities and potential exploit paths. In the May 'Patch Wednesday' advisories the majority of findings originated from these AI scans, prompting broad rescanning and remediation. The company warns of a narrow three-to-five-month window before AI-driven exploits spread and offers Unit 42 services to help organizations respond.
read more →

When China's AI Catches Up: Mythos and Global Risks

🔒 Anthropic's Mythos Preview, shared last month with a limited set of security partners, has demonstrated the ability to autonomously find zero-day vulnerabilities across major operating systems and browsers. Anthropic paired the release with Project Glasswing and $100 million in usage credits to help defenders, but reports of unauthorized access and denied requests from Chinese entities have already emerged. The development challenges the assumption of a durable US lead and has injected cybersecurity into high-level US–China summit talks, prompting urgent questions about access, regulation, and international cooperation.
read more →

Malicious Claude Code Installer Steals Browser Keys

🛡️Researchers at Ontinue warn that attackers are impersonating Anthropic’s Claude Code installer to deploy a previously undocumented PowerShell loader that evades detection and extracts browser encryption material. The campaign swaps the legitimate one-line install command for an attacker-controlled PowerShell chain, establishing stealthy persistence and exfiltration. It also abuses Chrome’s IElevator2 elevation interface to recover Application-Bound Encryption (ABE) keys introduced in Chrome 127.
read more →