LIVE FEED
FIRST LOOK Yellow Teams Bring AI Offense and Defense Into One Security Function // FIRST LOOK Tracebit Ships AWS Context Bombing Defence Against AI Hacking Agents // FIRST LOOK FriendMachine Launches Jacquard Lang for AI-Written Code Review // CRITICAL Check Point 2026 AI Security Report: LLMs Now Run Live Attacks // FIRST LOOK OpenAI GPT-5.6 Sol Ships Faster Parallel Tool-Use for Agents // FIRST LOOK Meta Launches Muse Image with Public Instagram Photo Reuse // FIRST LOOK Estonia Launches State-Issued Digital IDs for AI Agents // HIGH AI Widens Skill-Ability Gap, Enabling Autonomous Cyberattacks // FIRST LOOK OpenAI Expands ChatGPT Into Family and Caregiver Households // FIRST LOOK Iroh Launches Mesh LLM for Distributed AI Across Peer Nodes //
Claude Fable 5 Jailbreak Attacks Bypass Fallback Defense

Claude Fable 5 Jailbreak Attacks Bypass Fallback Defense

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 7.2 SecurityWeek

Anthropic has released Claude Fable 5, a high-capability 'Mythos-class' model that automatically falls back to a less capable model (Claude Opus 4.8) when queries touch sensitive domains like cybersecurity and biology. The company conducted over 1,000 hours of external red-teaming with no universal jailbreaks discovered, though it openly acknowledges financially motivated adversaries will attempt to circumvent these controls. Trusted cybersecurity partners under Project Glasswing receive elevated access to the full Mythos 5 capabilities, raising questions about insider risk and tiered trust model security.

Amazon Bedrock Prompt Injection Traverses Agent Hierarchies

Amazon Bedrock Prompt Injection Traverses Agent Hierarchies

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.5 Palo Alto Unit 42

Unit 42 researchers conducted red-team analysis of Amazon Bedrock's multi-agent collaboration framework, demonstrating how attackers can systematically exploit prompt injection to traverse agent hierarchies, extract system instructions, and invoke tools with attacker-controlled inputs. The research reveals that multi-agent architectures introduce compounded attack surfaces through inter-agent communication channels, though no underlying Bedrock vulnerabilities were identified. Properly configured Guardrails and pre-processing stages effectively mitigate the demonstrated attack chains.

GoModel AI Gateway Supply Chain Compromise

GoModel AI Gateway Supply Chain Compromise

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 HN AI Security

GoModel is an open-source AI gateway written in Go that provides a unified OpenAI-compatible API across multiple LLM providers including OpenAI, Anthropic, Gemini, Groq, xAI, and Ollama. As an infrastructure layer sitting between applications and AI backends, it introduces a significant supply chain and API security surface that warrants scrutiny. The project advertises built-in guardrails and observability, which are positive security signals, but open-source gateway projects centralising multi-provider API key management represent a meaningful attack vector if misconfigured or compromised.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.