Anthropic News
Anthropic deployed Claude Fable 5 with new safety classifiers designed to detect and block dangerous cybersecurity uses, while releasing a framework to categorize jailbreak severity. The classifiers sort cybersecurity requests into four categories: prohibited use (ransomware, malware development, data exfiltration), high-risk dual use (penetration testing, exploit development), low-risk dual use (vulnerability identification that other models can already do), and benign use (secure coding, debugging). The framework aims to establish consistent terminology for discussing AI jailbreak risks across government, industry, and academia, with feedback welcomed at cyber-safeguards@anthropic.com and a HackerOne bug bounty program now active.
Anthropic News
The Government of Alberta used Claude Code to scan 466 million lines of government code across 27 provincial ministries, identifying security vulnerabilities and gaps that had never undergone systematic review. The scan, conducted by roughly 50 autonomous agents working in parallel, took 20 hours to complete work that the team estimates would have required 6.5 years using traditional approaches. Alberta's team used Claude to fix identified vulnerabilities, write missing automated tests, and rebuild outdated systems in modern languages, with plans to consolidate 185 legacy applications into 16 reusable applications and expand the approach across all provincial government ministries.
Hugging Face Blog
·
15 hours ago
Hugging Face detected and contained an intrusion driven entirely by an autonomous AI agent system that exploited vulnerabilities in their dataset processing pipeline to gain access to internal credentials and datasets. The attacker executed over 17,000 individual actions across multiple compromised clusters over a weekend before being detected and eradicated. The company has closed the exploited code-execution paths, rotated credentials, and now plans to maintain on-premise AI models for forensic analysis during future incidents, particularly to avoid safety guardrails that block analysis of real attack data.