11 Jul, 2026

JadePuffer ransomware used AI agent to automate entire attack

Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. According to cloud security company Sysdig, JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data. The […]

3 mins read

Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says

Anthropic says Claude Fable 5 won’t be accessible via Claude subscriptions after July 7, but it’s not a permanent change, and the company expects the model to return outside the usage-based plan soon. Fable 5 was recently restored after the US government lifted export controls on Anthropic’s most powerful models, Fable 5 and Mythos 5. As […]

2 mins read

Claude Fable relaunch disappoints users with nerfed performance

Claude Fable, the company’s most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the original release. When the Department of Commerce announced that it was lifting the ban on Claude Fable, I was holding my breath and counting seconds for the model to show […]

3 mins read

Anthropic rolls out Sonnet 5 with near-Opus 4.8 performance at a lower price

Anthropic is now rolling out Sonnet 5, and it’s almost as good as the Opus range, but it is designed to be cheaper than the company’s flagship model. In a blog post, Anthropic said Claude Sonnet 5 is “built to be the most agentic Sonnet model yet,” and added that it comes with advanced features, such […]

3 mins read

New BioShocking attack manipulates AI browser into data theft

A new prompt injection attack dubbed “BioShocking” could trick AI-powered browsers into treating real-world risky actions as part of a fictional scenario, causing them to ignore any safety guardrails. A proof-of-concept (PoC) for the attack, devised by researchers at LayerX, was successfully tested against six mainstream agentic browser products (ChatGPT Atlas, Comet, Fellou, Genspark Browser, […]

2 mins read

Fake Perplexity extension on Chrome Web Store tracked searches

A malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing information. Called “Search for perplexity ai,” the extension routed search queries and real-time suggestions through its infrastructure before redirecting users to the legitimate search services. Microsoft Threat Intelligence researchers said that the extension […]

2 mins read

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. Researchers at Mozilla’s Zero Day Investigative Network (0DIN) AI security platform say that the compromise happens with “no exploit code, no warning, no suspicious […]

2 mins read

Cybersecurity firms targeted by fraudulent OpenAI organization invites

Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects. Push Security discovered what they dub as the “Poisoned Tenant” campaign after multiple employees received invitations to join an OpenAI […]

4 mins read

Anthropic is testing desktop-like Claude Cowork for mobile

Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. For those unaware, Claude Cowork is Anthropic’s desktop-focused agentic mode for Claude, and it brings some of Claude Code’s task-running abilities to regular knowledge work. Unlike Claude Code, which is optimized for coding/development tasks, Cowork can work […]

2 mins read

New macOS malware embeds fake errors to confuse AI analysis tools

A newly discovered macOS malware dubbed “Gaslight” is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. Cybersecurity researchers are increasingly using AI-powered tools to assist with malware analysis and reverse engineering. The malware contains strings that attempt to gaslight AI-assisted analysis tools into believing there is […]

2 mins read