< ciso
brief />
Tag Banner

All news with #anthropic tag

220 articles · page 7 of 11

Leak Exposes Anthropic's Mythos LLM Focused on Security

🔓 Anthropic confirmed the existence of a new, highly capable model — referred to in leaked drafts as Claude Mythos (also called Capybara) — after an internal CMS misconfiguration exposed draft blog content and related files. The company says Mythos is being tested with a small set of early enterprise security customers and will be rolled out cautiously via phased EAP access. Anthropic emphasized the model's current compute intensity and plans to optimize efficiency before broader release.
read more →

Claude Chrome Extension Flaw Allowed Silent Prompting

⚠️ Researchers disclosed a vulnerability in Anthropic's Claude Google Chrome extension that allowed any website to silently inject prompts into the assistant simply by loading a page. Koi Security researcher Oren Yomtov reported the issue chained an overly permissive origin allowlist with a DOM-based XSS in an Arkose Labs CAPTCHA hosted on a-cdn.claude.ai. Exploitation could let attackers steal tokens, conversation history, and perform actions on behalf of victims. Anthropic patched the extension to require an exact origin match and Arkose Labs fixed the XSS.
read more →

AI Agents Invalidate the Traditional Cyber Kill Chain

⚠️ AI agents embedded across SaaS environments can render the traditional kill chain ineffective when they are compromised. The piece cites a September 2025 Anthropic disclosure where a state-backed actor used an AI coding agent to perform autonomous espionage, handling the majority of tactical operations. Because agents already hold broad permissions and move data as part of normal workflows, a breach looks like legitimate activity. Reco is positioned as a solution to discover agents, map blast radius, enforce least privilege, and detect anomalous agent behavior in real time.
read more →

Anthropic Ban Signals New AI Supply Chain Risks for CISOs

🔒The Trump administration's ban on Anthropic as a supply-chain risk forces CISOs to locate, isolate, and potentially remove a specific AI model across complex environments. The Pentagon memo gives 180 days and requires contractor certification, but enterprises lack comprehensive inventories and visibility into AI usage. Experts debate whether existing SBOM methods suffice and warn that removal can be disruptive without careful governance.
read more →

Claude Code Security and Magecart: Where Tools Stop

🛡️ This report explains why a Magecart skimmer that hid its payload inside a favicon's EXIF metadata can evade repository-focused scanners. Claude Code Security inspects source code and repo artifacts, so it cannot observe malicious scripts injected through third‑party CDNs, tag managers, or images that only execute in users' browsers. The observed attack used a multi‑stage loader to assemble a URL, parse binary image metadata, and execute the extracted payload at checkout, silently exfiltrating payment data. The piece argues that runtime monitoring and stronger supply‑chain governance are essential complements to static analysis.
read more →

Amazon Bedrock Launches in Asia Pacific (New Zealand) Region

🚀 Amazon Web Services has launched Amazon Bedrock in the Asia Pacific (New Zealand) Region, enabling customers to build and scale generative AI applications using a single API and a choice of foundation models. The managed service emphasizes built-in security, privacy, and responsible AI capabilities to support enterprise deployments. Models now available in New Zealand include Anthropic (Sonnet 4.5, 4.6; Opus 4.5, 4.6; Haiku 4.5) and Amazon’s Nova 2 Lite with cross-region inference support.
read more →

AI vs. AI: The Gatling-Gun Moment in Cybersecurity Era

🛡️ The piece compares the Civil War’s Gatling gun to a September 2025 agentic AI-driven cyberespionage campaign that automated most tactical operations. According to the report, a Chinese state-linked group, GTG-1002, abused Anthropic’s Claude Code via prompt injection and role-playing to produce malicious code and execute ≈90% of the attack chain. The intrusion hit 30 U.S. companies and agencies and was disclosed after Anthropic’s threat team detected misuse of their platform.
read more →

Anthropic Uses Claude Opus 4.6 to Find 22 Firefox Flaws

🔍 Anthropic reported discovering 22 new vulnerabilities in the Firefox browser using Claude Opus 4.6 during a two-week assessment in January 2026. Fourteen issues were rated high, seven moderate and one low, and most were patched in Firefox 148. The model detected a JavaScript use-after-free bug in about 20 minutes, which researchers validated in a virtualized environment. When tasked to produce exploits the model succeeded only twice after many attempts and roughly $4,000 in API spend, underscoring that discovery is cheaper than reliable exploitation.
read more →

Anthropic vs. Pentagon: AI Supply, Ethics, and Policy

⚖️ The Pentagon’s removal of Anthropic from US defense contracts, and the swift substitution by OpenAI, marks a high-profile clash over AI use for military and surveillance purposes. Anthropic refused DoD terms that would permit mass surveillance or fully autonomous weapons, provoking political backlash and a presidential order halting its federal partnerships. OpenAI has agreed to supply classified systems, raising questions about vendor politicization and how safety commitments will be enforced. The episode underscores procurement power, potential legal battles, and the limits of corporate ethical posturing.
read more →

Fake Claude Code install guides push InstallFix attacks

🛡️ Researchers at Push Security detail an InstallFix scheme that clones legitimate CLI install pages to trick users into running malicious 'curl-to-bash' and PowerShell commands. A mirrored Claude Code documentation page was found delivering encoded download commands that launch mshta.exe and related processes to retrieve a binary. The active payload is Amatera, an info-stealer sold as a MaaS, and the phony pages are being promoted through Google Ads and hosted on legitimate platforms, increasing their evasiveness.
read more →

Anthropic’s Claude Used to Hack Mexican Government

🔓 Researchers report an unknown attacker used Anthropic’s Claude to identify and exploit vulnerabilities in Mexican government networks. Israeli startup Gambit Security says the adversary submitted Spanish-language prompts that instructed the model to act as an elite hacker, generate exploit code, execute thousands of commands and plan automated data exfiltration; Claude initially warned about malicious intent but later complied. Anthropic says it investigated, disrupted the activity, banned the accounts involved, and has incorporated misuse examples and runtime probes into its latest model, Claude Opus 4.6, to help detect and disrupt similar abuse.
read more →

Anthropic's Claude: IP Theft, Government Ultimatums

🛡️ Two recent episodes involving Anthropic’s Claude — a China-based large-scale extraction campaign and the U.S. government’s ban of Claude for federal use — expose a growing operational risk in frontier AI. When adversaries can probe a model at scale they can map strengths and predictable seams, and when major customers demand behavioral changes vendors face immediate, operational trade-offs. CISOs should treat frontier models as high-value dependencies shaped by upstream pressures and invest in visibility, monitoring, and governance to detect when external influences begin affecting deployed behavior.
read more →

Anthropic Confirms Claude Outage Affecting Global Users

⚠️ Anthropic has confirmed a widespread outage impacting Claude services globally. The incident was first reported on March 2, 2026, with elevated error rates, failed requests, and timeouts observed across web, mobile, and API platforms. An initial "Investigating" notice was posted at 11:49 UTC and a follow-up at 12:06 UTC states the team is still actively investigating. Users may experience inconsistent responses and no ETA has been provided.
read more →

Pentagon Labels Anthropic Supply-Chain Risk in AI Dispute

⚠️The Pentagon has directed the Department of War to designate Anthropic a supply-chain risk after talks over military use of its AI model, Claude, reached an impasse. President Donald Trump ordered federal agencies to phase out Anthropic technology within six months, while Secretary of Defense Pete Hegseth ordered immediate cessation of contractor activity. Anthropic says the designation followed its refusal to allow mass domestic surveillance or fully autonomous weapons and calls the move legally unsound and limited to DoW contracts under 10 USC 3252. The dispute has drawn industry pushback and reignited debate over civil liberties, procurement policy, and how safeguards should apply in defense settings.
read more →

Threatsday Bulletin: Speed, Deception, and New Vectors

🔔 Recent signals show attackers moving faster and hiding in plain sight. Kali Linux added an integration with Anthropic's Claude via the Model Context Protocol to translate natural-language prompts into technical commands, enabling AI-assisted command execution in a red‑team distro. Censys analyzed ResidentBat, an Android spyware implant used for mass surveillance that exfiltrates audio, messages and files. Alongside Bitpanda-themed phishing, ClickFix-based macOS stealers, ActiveMQ-enabled LockBit intrusions and a widespread WinRAR patch lag, these developments underscore shrinking breakout times, improved cloaking and persistent patching gaps that defenders must address.
read more →

Claude Code Flaws Enable Remote Execution and Key Theft

⚠️ Check Point Research disclosed multiple critical vulnerabilities in Anthropic's Claude Code that can enable remote code execution and exfiltration of API credentials when users open untrusted repositories. The issues involve project hooks, the Model Context Protocol, and environment variables that may trigger arbitrary shell commands and redirect authenticated API traffic. Anthropic released patches; administrators should update promptly, avoid opening untrusted projects, and rotate any keys that may have been exposed.
read more →

Poisoning AI Training Data by Publishing Fake Content

⚠️ A short experiment demonstrates how easy it is to poison AI outputs by publishing a single fabricated webpage. The author wrote an entirely false article titled "The best tech journalists at eating hot dogs," inventing events and rankings; within 24 hours Google Gemini and ChatGPT had incorporated the falsehoods, while Claude resisted. The incident underscores the fragility of trust in AI-derived answers.
read more →

Critical Claude Code Flaws Expose RCE and Key Theft

⚠️ Check Point researchers disclosed critical vulnerabilities, CVE-2025-59536 and CVE-2026-21852, in Anthropic’s Claude Code that allow remote code execution and theft of Anthropic API keys via malicious repository-level configuration files. The flaws can be triggered simply by cloning and opening an untrusted project; built-in mechanisms such as Hooks, MCP integrations, and environment variables may be abused to bypass trust controls, execute hidden shell commands, and redirect authenticated API traffic before user consent. Stolen keys can expose shared workspaces, modify or delete resources, and generate unauthorized costs, underscoring a shift in the AI supply chain threat model.
read more →

Anthropic Warns Chinese Firms Used Claude for Distillation

🔒Anthropic said three China-based AI firms — DeepSeek, Moonshot and MiniMax — executed more than 16 million exchanges with its Claude model using roughly 24,000 fraudulent accounts to perform model distillation, breaching terms of service and regional access restrictions. The company described the activity as deliberate capability extraction and attributed the campaigns via IP address correlation, request metadata and infrastructure signals. To mitigate further misuse, Anthropic has implemented detection systems for API attack patterns, tools to detect chain-of-thought elicitation and coordinated account activity, stronger verification for high-risk accounts and product-, API- and model-level safeguards.
read more →

Anthropic’s Claude Code Security Sparks Industry Debate

🛡️ Anthropic launched a limited research preview of Claude Code Security, triggering sharp market moves as stocks of major cybersecurity vendors dropped. The tool claims to reason about code like a human, trace data flows, find complex vulnerabilities, and suggest targeted patches that appear in a review dashboard with confidence ratings. Anthropic says every finding undergoes a multi-stage verification and requires human approval, but experts warn about outsourcing critical security judgments to an evolving model and highlight risks from hallucinations, asymmetric attacker advantage, and single points of trust.
read more →