LIVE FEED
OpenAI Launches ChatGPT for Science with Institutional Access

OpenAI Launches ChatGPT for Science with Institutional Access

FIRST LOOK ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 5.8 BleepingComputer

OpenAI is internally testing a specialised 'ChatGPT for Science' subscription tier, likely restricted to verified universities and research institutions, building on capabilities from GPT-Rosalind — a purpose-built life sciences model already deployed under a trusted-access structure with select pharma partners. The gated, domain-specific nature of this offering creates novel identity and access verification attack surfaces, as threat actors will likely probe credential and institutional verification mechanisms to gain privileged access to specialised scientific knowledge. Defenders at academic and research institutions should anticipate increased phishing campaigns targeting institutional credentials and prepare governance frameworks for AI use in sensitive research environments.

Anthropic Ships Claude Fable 5 with Exploit Generation

Anthropic Ships Claude Fable 5 with Exploit Generation

FIRST LOOK ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 8.7 Wired Security

Anthropic's Mythos 5 and Claude Fable 5 represent the arrival of frontier AI models with demonstrated, advanced vulnerability discovery and exploit-development capabilities — a capability class that will rapidly proliferate across multiple vendors and open-weight releases. The core attack surface is not model-specific: guardrail bypass of the consumer-facing Fable 5 exposes full Mythos-grade offensive capability to any actor who can defeat the content filters, while the broader proliferation trajectory means defenders must assume adversary access to equivalent capabilities within months. The regulatory response addresses a single vendor while doing nothing to raise the floor for the broader ecosystem of competitive and open-weight models following close behind.

Anthropic Mythos Model Theft: China-Linked Access

Anthropic Mythos Model Theft: China-Linked Access

ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 8.5 The Verge AI

The White House reportedly believes a China-linked group accessed Anthropic's Mythos AI model, prompting export restrictions on the technology. If confirmed, the breach represents a significant national security threat, as adversaries could exploit the model directly or use knowledge distillation to replicate its capabilities. Separately, reports of jailbreak vulnerabilities in Mythos and Fable compound concerns about unauthorised access to frontier AI systems.

Qwen 3.5-397B Model Theft: Rio's LLM Exposed as Rebranded Clone

Qwen 3.5-397B Model Theft: Rio's LLM Exposed as Rebranded Clone

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.8 HN AI Security

Researchers have demonstrated that Rio de Janeiro's publicly presented 'homegrown' 397B language model is not an original creation but an undisclosed element-wise weight merge of the Nex-N2_pro model and Qwen3.5-397B-A17B. The finding was established through two independent methods: identity probing showing the model identifies as 'Nex' 79% of the time, and tensor-level statistical analysis confirming a consistent 0.6/0.4 blend across all 60 layers. This constitutes a model theft and supply chain integrity violation, with additional implications for public trust in government AI procurement and IP attribution.

Claude Fable 5 Jailbreak Triggers US Export Control Ban

Claude Fable 5 Jailbreak Triggers US Export Control Ban

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.2 Simon Willison

The US government issued an export control directive ordering Anthropic to suspend all access to Claude Fable 5 and Mythos 5, citing national security concerns over an alleged jailbreak technique capable of surfacing software vulnerabilities. Anthropic publicly contested the order, arguing the demonstrated capability is already widely available in other public models including GPT-5.5, and that the identified vulnerabilities were minor and previously known. The incident marks a significant precedent for government intervention in frontier AI model access on national security grounds.

Anthropic Releases Claude Fable 5 with Jailbreak Resistance

Anthropic Releases Claude Fable 5 with Jailbreak Resistance

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 SecurityWeek

Anthropic's release of Claude Fable 5, a Mythos-class frontier model, has prompted significant industry debate over its dual-use offensive capabilities in cybersecurity and biology. The model includes a capability fallback mechanism — downgrading to Claude Opus 4.8 in high-risk domains — alongside extensive jailbreak-resistance red-teaming. Security professionals are warning that frontier AI capability investment directly accelerates attacker tooling for machine-speed, AI-orchestrated 'hyperattacks' that outpace human defenders.

Anthropic Claude Fable 5 Silently Degrades LLM Research

Anthropic Claude Fable 5 Silently Degrades LLM Research

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 Simon Willison

Anthropic embedded a covert policy in Claude Fable 5 (Mythos) that silently identified and degraded responses to requests related to frontier LLM development, without notifying affected users. This constitutes a form of undisclosed model behaviour manipulation — a significant transparency and trust failure with direct implications for AI security researchers relying on the model for legitimate work. Following public outcry, Anthropic reversed the policy and issued an apology, committing to make such safeguards visible.

Claude Fable 5 Prompt Injection Jailbreak Resistance

Claude Fable 5 Prompt Injection Jailbreak Resistance

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.8 The Hacker News

Anthropic has released Claude Fable 5 with a classifier-based safety layer that routes flagged offensive cyber, bio, and model-distillation requests to a weaker fallback model, while reserving full capabilities in a twin model (Mythos 5) for vetted defenders. The architecture represents a novel approach to dual-use AI risk mitigation but introduces measurable false-positive friction and raises questions about the robustness of classifier-only defences. An external bug bounty of over 1,000 hours found no universal jailbreak, though the conservative tuning and <5% fallback rate leave open questions about real-world bypass rates under adversarial pressure.

Claude Fable 5 Jailbreak Attacks Bypass Fallback Defense

Claude Fable 5 Jailbreak Attacks Bypass Fallback Defense

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 7.2 SecurityWeek

Anthropic has released Claude Fable 5, a high-capability 'Mythos-class' model that automatically falls back to a less capable model (Claude Opus 4.8) when queries touch sensitive domains like cybersecurity and biology. The company conducted over 1,000 hours of external red-teaming with no universal jailbreaks discovered, though it openly acknowledges financially motivated adversaries will attempt to circumvent these controls. Trusted cybersecurity partners under Project Glasswing receive elevated access to the full Mythos 5 capabilities, raising questions about insider risk and tiered trust model security.

Robinhood Prompt Injection Enables Autonomous Trade Attacks

Robinhood Prompt Injection Enables Autonomous Trade Attacks

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 HN AI Security

Robinhood has launched agentic trading and a virtual credit card that allow third-party AI agents to autonomously execute stock trades and payments on behalf of users via a Model Context Protocol (MCP) integration. This architecture introduces significant attack surface through prompt injection, excessive agency, and insecure plugin design risks inherent to LLM-driven autonomous financial action. The delegation of real financial authority to AI agents with limited human-in-the-loop controls represents a systemic risk to retail investors if agent pipelines are compromised or manipulated.

AI Supply Chain Compromise: Models Lack Bill of Materials

AI Supply Chain Compromise: Models Lack Bill of Materials

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 Dark Reading

As AI systems proliferate across enterprise environments, the lack of standardised AI Bills of Materials (AI BOMs) leaves organisations blind to the components, training data, and dependencies embedded in deployed models. The article examines whether 2026 marks a turning point for AI BOM adoption as a risk management practice. Without visibility into AI supply chains, organisations remain exposed to hidden vulnerabilities including poisoned models, compromised dependencies, and undisclosed third-party components.

AI Agent Identity Sprawl Bypasses Enterprise IAM Systems

AI Agent Identity Sprawl Bypasses Enterprise IAM Systems

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 Dark Reading

As AI agents proliferate across enterprise environments, their associated non-human identities are introducing governance and security gaps that traditional IAM frameworks were not designed to handle. New Omdia research highlights that AI agent identity management demands distinct budget allocations and security controls separate from conventional IAM programs. The failure to properly secure and govern these machine identities exposes organisations to credential abuse, privilege escalation, and lateral movement risks.

LLM Safety Benchmarks Fail to Reliably Measure Security

LLM Safety Benchmarks Fail to Reliably Measure Security

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 Schneier on Security

A report highlighted by Bruce Schneier argues that AI security cannot be reliably measured through benchmarks alone, drawing parallels to the decades-long evolution of software security engineering. The core finding is that LLM weight spaces encode continuous spectrums that resist meaningful quantitative measurement, making trust in model outputs structurally difficult to establish. The practical implication is that organisations must rely on assurance processes rather than scorecards to manage AI security risk.

Rust Compiler Tightens LLM Code Policy for Supply Chain

Rust Compiler Tightens LLM Code Policy for Supply Chain

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 HN AI Security

The Rust compiler project (rust-lang/rust) is formalising a policy governing LLM use in contributions, signalling growing institutional recognition of AI-generated code risks in critical infrastructure. The policy, proposed via pull request on rust-forge, is scoped to the core compiler repository and will be linked from contribution guidelines. This represents a significant governance precedent for open-source security-critical projects managing supply chain integrity amid widespread LLM-assisted development.

AI Agent Privilege Escalation Bypasses IAM Visibility

AI Agent Privilege Escalation Bypasses IAM Visibility

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 6.5 The Hacker News

Enterprises are deploying AI agents faster than governance frameworks can track them, creating a shadow identity layer that operates outside traditional IAM visibility. These agents run continuously, accumulate permissions opportunistically, and interact with sensitive data at machine speed — largely unmonitored. The structural gap between agent activity and IAM coverage represents a significant and growing attack surface for privilege abuse and data exfiltration.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.