< ciso
brief />
Tag Banner

All news with #claude tag

111 articles · page 2 of 6

Anthropic unveils Mythos-class Fable 5 with safeguards

🛡️ Anthropic released two Mythos-class models: the broadly available Claude Fable 5 and the restricted Claude Mythos 5 for select cybersecurity and infrastructure partners. Anthropic says Fable 5 outperforms prior Claude models across coding, research, vision, and long-form tasks while routing risky queries to a fallback, Claude Opus 4.8. The company stresses conservative safeguards to prevent misuse, but early tests suggest some benign cyber tasks are also being rerouted.
read more →

Anthropic’s Claude Fable 5 Now Available on Google Cloud

🟢 Claude Fable 5, Anthropic’s latest frontier model, is now generally available on Google Cloud. The model is designed for complex, multi-step reasoning and supports demanding use cases like advanced software development, long-horizon agents, and deep multimodal document analysis. Google Cloud highlights strong safeguards to make the model suitable for general use and positions it alongside other Anthropic offerings on the Agent Platform.
read more →

Claude Fable 5 Joins Microsoft Foundry for Agents

🚀 Claude Fable 5 is now available in Microsoft Foundry, powering agents across GitHub Copilot and the Foundry Agent Service to tackle long-running, multi-stage tasks such as complex refactoring, research synthesis, and document-heavy workflows. Foundry adds enterprise-grade security, governance, and operational controls to help organizations evaluate, deploy, and scale autonomous systems in production. Anthropic and Microsoft combine safeguards, guided guardrails, and observability to support responsible use while enabling powerful multimodal reasoning and continuous agent improvement.
read more →

Widespread AI Coding Use Outpaces Governance

🛠️ Nearly all software teams now use AI coding assistants, yet fewer than a third have formal governance in place. A UserEvidence survey for Black Duck of 831 developers and DevOps pros in March 2026 found 97% adoption but only 30% with full oversight. Popular tools include GitHub Copilot (83%) and Claude Code (63%). Teams report faster releases and an average of eight hours saved per developer weekly, but many face downstream friction in reviews, testing and rework.
read more →

Threat actors exploit AI branding in social engineering

🛡️ Microsoft Threat Intelligence describes campaigns that impersonate popular AI platforms such as ChatGPT, Copilot, and Claude to lure victims via phishing, malvertising, and SEO abuse. These operations use trusted branding, redirect chains, and urgency-driven messaging to steal credentials, commit fraud, or deliver malware. The blog emphasizes abuse of brand names rather than service compromise and recommends leveraging AI-powered security for detection and response.
read more →

Hands-on: Microsoft’s Intelligent Terminal for Windows

🧭 Microsoft has released an open-source fork of Windows Terminal named Intelligent Terminal, enabling AI assistance directly within the terminal without disrupting active sessions. The assistant can explain errors, draft commands, and propose fixes while remaining aware of current and past agent sessions. Users choose an AI agent (examples include GitHub Copilot, Claude, Codex, and Gemini) and can toggle Automatic error detection, Automatic error suggestion, and Session management. The terminal shows an AI pane beneath the shell for interactive planning, edits, and session resume features.
read more →

Claude Code MCP configuration enables token theft

🔒 Researchers disclosed an attack chain against Anthropic’s command-line coding assistant, Claude Code, that abuses the Model Context Protocol (MCP). A malicious npm post-install hook can rewrite the local ~/.claude.json configuration to redirect authenticated MCP traffic to attacker infrastructure, allowing interception of stored OAuth bearer tokens. Anthropic has been notified but has not issued a patch; defenders are advised to monitor the configuration file, treat npm post-install hooks as high risk, and rotate OAuth tokens tied to Claude Code integrations.
read more →

Anthropic expands Glasswing access to 150 partners

🛡️ Anthropic has broadened Project Glasswing, giving 150 additional organizations access to its most capable model, Claude Mythos Preview, to help find vulnerabilities in critical software. The program, first opened to roughly 50 partners in April, claims more than 10,000 high- or critical-severity flaws discovered to date. New participants span 15+ countries and underrepresented sectors like power, water, healthcare and hardware, chosen for the potential catastrophic impact of breaches. Anthropic warned that while discovery is accelerating, safe public release of Mythos-class models remains restricted due to incomplete safeguards.
read more →

SageMaker HyperPod adds AI troubleshooting skills

🔧 Amazon SageMaker HyperPod now offers troubleshooting skills that deliver expert AI/ML cluster diagnostics into coding assistants like Claude Code, Cursor, and Kiro. These skills guide natural-language diagnostics for GPU hardware faults, NCCL communication issues, and performance bottlenecks across distributed clusters. They automate evidence collection via AWS Systems Manager and provide actionable recommendations without requiring infrastructure changes.
read more →

Claude Opus 4.8 Now Available in Microsoft Foundry

🚀 Claude Opus 4.8 is now accessible in Microsoft Foundry, providing developers and enterprises with Anthropic’s most capable Opus model for coding, agentic tasks, and professional work. The update focuses on long-running workflows, deeper reasoning across documents and codebases, and more reliable tool use for multi-step automation. Teams can now evaluate and deploy the model within Foundry’s unified platform for building and operating AI applications.
read more →

Anthropic to Roll Out Mythos-Class Models Publicly

🤖 Anthropic confirmed plans to release its Mythos-class AI models to the general public after previously restricting access because of security risks to public and private software. Initially available only to select organizations and researchers, Mythos was held back while Anthropic developed stronger safeguards. The company says it’s making swift progress and expects to offer Mythos-class models to customers in the coming weeks, noting significant gains in code reasoning and autonomy over its Opus 4.8 flagship.
read more →

Major LLMs Vulnerable to Multi-Turn Bypass

🔒 Cisco researchers warn that safety guardrails in several leading large language models (LLMs) can be bypassed through multi-turn conversations. They tested frontier models including ChatGPT, Claude, Gemini, Nova and Grok, finding many were susceptible to manipulation that yields disallowed outputs. Techniques such as roleplay, ambiguity, reframing, and persona adoption were effective, and model configuration affected resilience.
read more →

Anthropic’s Project Glasswing Reveals Widespread Flaws

🔍 Anthropic and over 50 partners report Project Glasswing, using Claude Mythos Preview, has surfaced roughly 10,000 critical or high-severity vulnerabilities across open source projects and partner software. The initiative scanned more than 1,000 open-source projects and validated thousands of findings with independent security firms, but maintainers are overwhelmed by the volume and pace of disclosures. Anthropic is disclosing issues under a coordinated policy and has launched enterprise offerings like Claude Security and a Cyber Verification Program to support legitimate security research.
read more →

Anthropic's Mythos model edging toward public release

🛡️ Anthropic appears to be preparing a public rollout of its restricted Mythos model, which the company warned poses major security risks by automating high-quality cyberattacks. Announced in April as an advanced frontier model, Mythos showed dramatic improvements in code reasoning and autonomy compared to Opus 4.7. References briefly appeared in Claude Code and Claude Security, suggesting a controlled preview, while Anthropic builds guardrails and works with partners through its Glasswing initiative.
read more →

Anthropic's Mythos Finds 10,000+ High Severity Flaws

🔎 Anthropic disclosed that Project Glasswing and access to Claude Mythos Preview helped partners uncover over 10,000 high- or critical-severity vulnerability candidates across widely used, systemically important software since last month. Analysis verified 1,726 true positives, including 1,094 high- or critical-severity flaws, and resulted in 97 upstream patches and 88 advisories. One notable finding was a critical WolfSSL flaw (CVE-2026-5194).
read more →

Cloudflare Integrates Claude Managed Agents with Sandboxes

🚀 Cloudflare and Anthropic have integrated Claude Managed Agents with Cloudflare Sandboxes, allowing teams to run the Claude agent loop on Anthropic while Cloudflare executes code, secures connections, and provides detailed observability. A default deployment template offers enhanced security through customizable outbound proxies, sandbox metrics and logs, SSH access, and configurable sandbox images. You can choose traditional microVMs or lightweight V8 isolates to optimize for performance and cost, and use Cloudflare Mesh or Workers VPC to connect agents to private services without exposing them to the Internet.
read more →

GPT-5.5 Matches Mythos in Security Vulnerability Tests

🔍 The UK’s AI Security Institute evaluated GPT-5.5’s ability to identify software security vulnerabilities and concluded it performs comparably to Claude Mythos, based on a series of red-team style tests and benchmark prompts. The assessment highlights that GPT-5.5 is generally available from OpenAI, making high-quality automated vulnerability detection more accessible to organizations and researchers. The Institute also analyzed a smaller, cheaper model which, when given additional prompting scaffolding and careful supervision, delivered similar detection performance. Overall, the study suggests parity among leading LLMs for initial vulnerability discovery, with differences largely hinging on prompt engineering and deployment context.
read more →

Malvertising: Claude.ai Shared Chats Deliver Mac Malware

⚠️ Attackers are using Google Ads to direct macOS users to malicious instructions hosted inside Claude.ai shared chats. The chats disguise themselves as official installation guides and prompt users to paste Terminal commands that download compressed shell scripts and execute them in memory. Some variants profile victims (including keyboard locale) before running a second-stage payload via osascript, while others immediately steal browser credentials, cookies, and Keychain items. Avoid pasting terminal commands and visit the official site directly.
read more →

Claude in Chrome vulnerability lets other extensions hijack

⚠️ Researchers at LayerX Security disclosed a flaw dubbed ClaudeBleed in Anthropic’s Claude in Chrome extension that lets other extensions inject scripts and commandeer the assistant. The issue stems from an exposed messaging interface that trusts origins instead of execution context, enabling zero-permission extensions to issue prompts and perform cross-site actions. Anthropic released a partial patch (v1.0.70) on May 6; LayerX urges stronger mitigations.
read more →

Anthropic unveils Claude Security: AI code scanning

🔒 Anthropic has launched Claude Security in public beta for Claude Enterprise customers, evolving its previous Claude Code Security offering and running on Claude Opus 4.7. The tool scans codebases to identify vulnerabilities and generates targeted patch instructions, reasoning about data flows and inter-file interactions rather than relying on simple pattern matches. It supports scheduled and targeted scans, audit-friendly exports and integrations, attaches confidence ratings to findings, and requires no API integration or custom agent build. Access is available from the Claude.ai sidebar, with Team and Max tiers coming soon.
read more →