< ciso
brief />
Tag Banner

All news with #claude tag

111 articles · page 4 of 6

Ceros Provides Visibility and Control for Claude Code

🔒 Ceros, an AI Trust Layer from Beyond Identity, runs alongside Claude Code on developers' machines to provide real-time visibility, runtime policy enforcement, and cryptographically signed audit records. Installation is non-disruptive—two CLI commands and a brief enrollment tie sessions to verified human identities with hardware-bound keys. The admin console surfaces conversation transcripts, tool invocations, MCP server connections, and signed activity logs that support compliance.
read more →

Fake AI Agent Ads Deliver AMOS and Amatera Infostealers

🔒 Kaspersky researchers uncovered malicious Google Search ads that mimic documentation for popular AI assistants (for example, Claude Code, OpenClaw and Doubao) to trick users into running installer commands. The fake guides prompt victims to execute commands that deploy AMOS on macOS (via curl) or the Amatera infostealer on Windows (via mshta.exe), which exfiltrates browser data, crypto-wallets and files to a remote server. Organizations should warn staff, centrally manage access to AI tools and maintain endpoint protections.
read more →

Fake Claude Code install guides push InstallFix attacks

🛡️ Researchers at Push Security detail an InstallFix scheme that clones legitimate CLI install pages to trick users into running malicious 'curl-to-bash' and PowerShell commands. A mirrored Claude Code documentation page was found delivering encoded download commands that launch mshta.exe and related processes to retrieve a binary. The active payload is Amatera, an info-stealer sold as a MaaS, and the phony pages are being promoted through Google Ads and hosted on legitimate platforms, increasing their evasiveness.
read more →

Anthropic’s Claude Used to Hack Mexican Government

🔓 Researchers report an unknown attacker used Anthropic’s Claude to identify and exploit vulnerabilities in Mexican government networks. Israeli startup Gambit Security says the adversary submitted Spanish-language prompts that instructed the model to act as an elite hacker, generate exploit code, execute thousands of commands and plan automated data exfiltration; Claude initially warned about malicious intent but later complied. Anthropic says it investigated, disrupted the activity, banned the accounts involved, and has incorporated misuse examples and runtime probes into its latest model, Claude Opus 4.6, to help detect and disrupt similar abuse.
read more →

Anthropic Confirms Claude Outage Affecting Global Users

⚠️ Anthropic has confirmed a widespread outage impacting Claude services globally. The incident was first reported on March 2, 2026, with elevated error rates, failed requests, and timeouts observed across web, mobile, and API platforms. An initial "Investigating" notice was posted at 11:49 UTC and a follow-up at 12:06 UTC states the team is still actively investigating. Users may experience inconsistent responses and no ETA has been provided.
read more →

Pentagon Labels Anthropic Supply-Chain Risk in AI Dispute

⚠️The Pentagon has directed the Department of War to designate Anthropic a supply-chain risk after talks over military use of its AI model, Claude, reached an impasse. President Donald Trump ordered federal agencies to phase out Anthropic technology within six months, while Secretary of Defense Pete Hegseth ordered immediate cessation of contractor activity. Anthropic says the designation followed its refusal to allow mass domestic surveillance or fully autonomous weapons and calls the move legally unsound and limited to DoW contracts under 10 USC 3252. The dispute has drawn industry pushback and reignited debate over civil liberties, procurement policy, and how safeguards should apply in defense settings.
read more →

LLMs Produce Highly Predictable, Reused Passwords at Scale

🔒 Bruce Schneier highlights an Irregular.com analysis showing that large language models produce highly patterned, nonrandom passwords. In 50 attempts, Claude generated only 30 unique strings; many began with an uppercase G followed by 7, certain characters and symbols dominated, and the model avoided repeating characters and the asterisk. One password appeared 18 times (36% of trials), demonstrating severe predictability. Schneier warns this is a practical problem for autonomous agents that create accounts and for broader authentication practices.
read more →

Anthropic Warns Chinese Firms Used Claude for Distillation

🔒Anthropic said three China-based AI firms — DeepSeek, Moonshot and MiniMax — executed more than 16 million exchanges with its Claude model using roughly 24,000 fraudulent accounts to perform model distillation, breaching terms of service and regional access restrictions. The company described the activity as deliberate capability extraction and attributed the campaigns via IP address correlation, request metadata and infrastructure signals. To mitigate further misuse, Anthropic has implemented detection systems for API attack patterns, tools to detect chain-of-thought elicitation and coordinated account activity, stronger verification for high-risk accounts and product-, API- and model-level safeguards.
read more →

Anthropic’s Claude Code Security Sparks Industry Debate

🛡️ Anthropic launched a limited research preview of Claude Code Security, triggering sharp market moves as stocks of major cybersecurity vendors dropped. The tool claims to reason about code like a human, trace data flows, find complex vulnerabilities, and suggest targeted patches that appear in a review dashboard with confidence ratings. Anthropic says every finding undergoes a multi-stage verification and requires human approval, but experts warn about outsourcing critical security judgments to an evolving model and highlight risks from hallucinations, asymmetric attacker advantage, and single points of trust.
read more →

Anthropic: Chinese AI Firms Used 16M Claude Queries

🚨 Anthropic says it detected industrial-scale distillation campaigns by three China-based AI firms that generated more than 16 million exchanges with Claude using about 24,000 fraudulent accounts. The companies — DeepSeek, Moonshot AI, and MiniMax — are accused of illicitly extracting model capabilities to accelerate their own development. Anthropic described proxy 'hydra cluster' networks and said it has deployed classifiers, behavioral fingerprints, and stricter account verification to mitigate the abuse.
read more →

Anthropic Launches Claude Code Security for Codebases

🛡️ Anthropic has introduced Claude Code Security, an AI feature now in a limited research preview for Enterprise and Team customers that scans software codebases for vulnerabilities and proposes targeted patches for human review. The company says the tool reasons about component interactions and traces data flows, going beyond pattern-based static analysis. Findings pass a multi-stage verification process to reduce false positives and receive severity and confidence ratings. Anthropic stresses a human-in-the-loop model: suggested fixes require developer approval.
read more →

Claude Sonnet 4.6 in Microsoft Foundry — Frontier AI

🚀Claude Sonnet 4.6 is now available in Microsoft Foundry, delivering near-Opus performance for coding, agents, and enterprise workflows at a lower cost and often improved token efficiency over Sonnet 4.5. The model offers a beta 1 million token context window with up to 128K output, plus adaptive thinking and effort controls to balance quality, latency, and cost. Sonnet 4.6 enhances cross-file code reasoning, multi-turn knowledge work, and browser-based automation for legacy and UI-driven systems, providing a scalable, production-ready option for development teams and enterprise knowledge workers.
read more →

Claude LLM artifacts abused to deliver Mac infostealers

⚠️ Threat actors are abusing public Claude artifacts and manipulated Google Search results to trick macOS users into running malicious Terminal commands. These commands download and execute a loader that installs the MacSync infostealer, which harvests keychain data, browser credentials, and crypto wallets, then exfiltrates the data to a hardcoded command-and-control server. Researchers warn users not to run unverified shell commands and to verify safety before executing them.
read more →

Wiz benchmarks AI agents in cybersecurity model arena

🛡️Wiz has built a 257-challenge benchmark suite to evaluate AI agents across five offensive security domains: zero-day discovery, CVE detection, API security, web security, and cloud security. Tests run inside isolated Docker containers with no per-challenge timeouts, use deterministic scoring rubrics, and give each agent three attempts per challenge. The vendor-agnostic framework measures capability rather than throttling, and in Wiz's announcement Claude Code on Claude Opus 4.6 narrowly topped the trials, with Gemini 3 Pro placing second.
read more →

ThreatsDay Bulletin: Access Abuse and Quiet Persistence

📝 This week’s bulletin spotlights attackers favoring reliable tradecraft—misusing trusted tools and simple entry points while executing deliberate, long‑dwell post‑compromise activity. Microsoft fixed a Notepad Markdown command‑injection (CVE‑2026‑20841) and LayerX disclosed a 0‑click RCE risk in Claude Desktop Extensions. Emerging stealers (LTX, Marco), evolving loaders (GuLoader, RenEngine), and data‑theft ransomware trends raise operational risk. Defenders must detect misuse of legitimate access and anomalous in‑system behavior.
read more →

Anthropic DXT's Privileged Design Enables Critical RCE

⚠️ LayerX Security published a report describing a critical zero-click RCE in Anthropic’s Claude Desktop Extensions (DXT) that can let a malicious Google Calendar invite trigger arbitrary local code execution when MCP connectors run with full system privileges. The researchers say DXT runs unsandboxed and can autonomously chain low-risk services to high-risk local executors without user consent. Anthropic says users explicitly grant MCP permissions and must configure the tool carefully, while security experts call the issue architectural and urge stricter deployment controls and sandboxing.
read more →

Critical Zero-Click Flaw in Claude Desktop Extensions

⚠️LayerX disclosed a critical zero-click vulnerability affecting 50 Claude Desktop Extensions (DXT) that can result in remote code execution from a single crafted Google Calendar event. The flaw is possible because DXTs operate as unsandboxed MCP servers with full host privileges, allowing them to read files, run system commands and access credentials. LayerX rated the issue CVSS 10.0 and warned it could affect over 10,000 active users. Anthropic has declined to remediate, saying the scenario falls outside its current threat model.
read more →

Anthropic's Claude Opus 4.6 Finds 500 High-Severity Bugs

🔍 Anthropic says its newly released large language model, Claude Opus 4.6, was used internally to identify zero-day vulnerabilities in open-source software. The model ran inside a virtual machine with access to current project repositories and standard analysis utilities but received no specific instructions on how to conduct hunts. Despite that, Anthropic reports the system flagged 500 high-severity vulnerabilities, and company staff are manually validating findings before reporting them to maintain accuracy.
read more →

Anthropic Claude Opus 4.6 Finds 500+ High-Severity Bugs

🔍 Anthropic's Claude Opus 4.6 has identified more than 500 previously unknown high-severity vulnerabilities across major open-source libraries, including Ghostscript, OpenSC, and CGIF. Launched this week, the model shows improved code-review and debugging capabilities and was evaluated by Anthropic's Frontier Red Team in a virtualized environment using standard developer tools. Anthropic says each flagged defect was validated and patched by maintainers, positioning the model as a defender-oriented tool to help prioritize serious memory-corruption risks while it iterates on additional safeguards to limit misuse.
read more →

Google Cloud Adds Anthropic Claude Opus 4.6 to Vertex AI

🚀 Google Cloud has added Anthropic's Claude Opus 4.6 to Vertex AI, extending its curated model catalog for enterprise and agentic workloads. Opus 4.6 is positioned for complex coding, polished document and spreadsheet generation, advanced tool calling, and sophisticated multi-step agents. Feature highlights include GA support for adaptive thinking, an effort parameter, 128k output tokens, and previews for a 1M context window and compaction API. Google emphasizes managed agent tooling, governance, and infrastructure to deploy Claude-powered agents at scale.
read more →