Claude

12 reports

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

ATLAS OWASP HIGH SecurityWeek May 09, 2026 ▲ 9.1

ClaudeBleed Flaw Lets Rogue Chrome Extensions Hijack AI Agent

A vulnerability dubbed ClaudeBleed in Anthropic's Claude Chrome extension allows any browser extension to inject arbitrary prompts into the Claude AI agent by exploiting lax permission checks and …

AML.T0051 - LLM Prompt Injection AML.T0057 - LLM Data Leakage AML.T0047 - ML-Enabled Product or Service

ATLAS OWASP HIGH Simon Willison May 08, 2026 ▲ 7.2

Claude Mythos AI-Assisted Fuzzing Uncovers 423 Firefox Security Bugs in One Month

Mozilla used early access to Anthropic's Claude Mythos model to systematically discover and patch hundreds of previously unknown vulnerabilities in Firefox, including bugs over 15–20 years old. The …

AML.T0040 - ML Model Inference API Access AML.T0047 - ML-Enabled Product or Service AML.T0043 - Craft Adversarial Data

ATLAS OWASP HIGH SecurityWeek May 08, 2026 ▲ 8.2

Pixel-Level Perturbations Enable Invisible Prompt Injection in Vision-Language Models

Cisco's AI Threat Intelligence team has demonstrated that bounded pixel-level perturbations can recover the attack effectiveness of degraded typographic images against vision-language models (VLMs), …

AML.T0043 - Craft Adversarial Data AML.T0051 - LLM Prompt Injection AML.T0015 - Evade ML Model

ATLAS OWASP HIGH Dark Reading Apr 24, 2026 ▲ 8.2

Bad Memories Still Haunt AI Agents

Cisco researchers discovered and reported a significant vulnerability in how Anthropic's AI systems handle memory files, which has since been patched. The flaw highlights a broader, systemic risk in …

AML.T0051 - LLM Prompt Injection AML.T0057 - LLM Data Leakage AML.T0047 - ML-Enabled Product or Service

ATLAS OWASP HIGH SentinelOne Blog Apr 23, 2026 ▲ 7.5

SentinelOne's AI-powered EDR autonomously claims blocking a Claude Zero Day Supply Chain Attack

SentinelOne claims its AI-powered EDR autonomously detected and blocked Anthropic's Claude LLM from executing a zero-day supply chain attack, representing a significant case study in agentic AI …

AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service AML.T0051 - LLM Prompt Injection

ATLAS OWASP MEDIUM Simon Willison Apr 22, 2026 ▲ 7.2

Claude Mythos identified 271 vulnerabilities in Firefox codebase

Firefox CTO Bobby Holley reports that a collaboration with Anthropic using an early version of Claude Mythos Preview identified 271 vulnerabilities in Firefox, resulting in fixes shipped in Firefox …

AML.T0047 - ML-Enabled Product or Service AML.T0040 - ML Model Inference API Access

ATLAS OWASP MEDIUM Simon Willison Apr 22, 2026 ▲ 6.2

Claude system prompts as a git timeline

Simon Willison has created a git-based tool to track the evolution of Anthropic's publicly published Claude system prompts across model versions, enabling structured diff analysis of prompt changes …

AML.T0056 - LLM Meta Prompt Extraction AML.T0040 - ML Model Inference API Access AML.T0054 - LLM Jailbreak

ATLAS OWASP MEDIUM HN AI Security Apr 20, 2026 ▲ 6.2

Changes in the system prompt between Claude Opus 4.6 and 4.7

Anthropic's published system prompt diff between Claude Opus 4.6 and 4.7 reveals significant expansions in agentic tool access, autonomous browsing capabilities, and child safety guardrails — changes …

AML.T0051 - LLM Prompt Injection AML.T0054 - LLM Jailbreak AML.T0056 - LLM Meta Prompt Extraction

ATLAS OWASP HIGH SANS Internet Storm Center Apr 15, 2026 ▲ 7.8

Scanning for AI Models, (Tue, Apr 14th)

A single threat actor (IP 81.168.83.103) has been systematically scanning internet-facing systems since at least January 2026, specifically targeting credential files, API tokens, and configuration …

AML.T0012 - Valid Accounts AML.T0040 - ML Model Inference API Access AML.T0044 - Full ML Model Access

ATLAS OWASP LOW CrowdStrike Blog Apr 11, 2026 ▲ 6.2

Anthropic Claude Mythos Preview: The More Capable AI Becomes, the More Security It Needs

CrowdStrike, as a founding member of Anthropic's Mythos program, is highlighting the security challenges posed by increasingly capable frontier AI models, signaling a growing industry focus on …

AML.T0047 - ML-Enabled Product or Service AML.T0051 - LLM Prompt Injection AML.T0040 - ML Model Inference API Access

ATLAS OWASP HIGH HN AI Security Apr 09, 2026 ▲ 7.2

Process Manager for Autonomous AI Agents

botctl is an open-source process manager that enables persistent, autonomous AI agents (currently Claude-backed) to run continuously as background daemons with tool access, file system write …

AML.T0051 - LLM Prompt Injection AML.T0047 - ML-Enabled Product or Service AML.T0010 - ML Supply Chain Compromise

ATLAS OWASP HIGH Dark Reading Apr 03, 2026 ▲ 8.2

Claude Source Code Leak Highlights Big Supply Chain Missteps

A reported source code leak affecting Claude, Anthropic's large language model, underscores systemic weaknesses in AI software supply chains and the absence of robust oversight mechanisms at critical …

AML.T0010 - ML Supply Chain Compromise AML.T0044 - Full ML Model Access AML.T0056 - LLM Meta Prompt Extraction