As a result of a US government directive, we are suspending access to Claude Fable 5 for all users. You can continue to use all other Claude models.
Here’s what this means for you:
Across Claude products, new sessions will run on your selected default model or Opus 4.8, and existing Fable 5 sessions will end with an error.
On the Claude Platform, requests to Fable 5 will also return an error. Please update your integrations to other Claude models.
We know this is a disruption to your workflows; we appreciate your patience and support.
Apple ha sacado su propio “Docker” nativo y oficial.
Permite ejecutar contenedores Linux en máquinas virtuales ligeras en macOS.
✓ Compatible con imágenes OCI de Docker Hub
✓ Optimizado para Apple Silicon
✓ Escrito en Swift
→ https://t.co/aMpuOfDQgN
¡Grok ha lanzado su propio Claude Code!
Y ojo porque funciona bastante bien...
✓ Con subagentes en paralelo
✓ MCP, hooks, skills y plugins
✓ Memoria integrada entre sesiones
✓ Modo headless para CI/CD
Ya se puede descargar → https://t.co/WcVnxNrSSX
Beginner video: How to install & use Grok Build (made for non-technical SuperGrok and X Premium+ users)
I got so many questions from friends, so I made this simple step-by-step guide.
You’ll see exactly how to:
• Install Grok Build in seconds with one command
• Create real websites
• Use Grok Imagine to auto-generate images & videos
• Run multiple projects at once in different folders
Grok even runs commands for you. No coding experience needed.
Watch the full walkthrough 👇
We’ve shipped a security-guidance plugin for Claude Code that helps identify and fix vulnerabilities as you’re writing code.
Available for all Claude Code users. Install from the plugin marketplace (/plugins).
In the next version of Claude Code: run /usage to see a breakdown of which Skills, Agents, MCPs, and Plugins are using your tokens
CLI today, coming to Desktop next
We’ve added two security improvements to Claude Managed Agents.
Self-hosted sandboxes keep the agent’s execution environment in your infrastructure or with a managed sandbox provider.
MCP tunnels let the agent connect to services inside your security perimeter.
🚨A HACKER GROUP JUST STOLE 4,000 OF GITHUB'S OWN PRIVATE REPOSITORIES.. PUT THEM UP FOR SALE FOR $50,000.. AND THE WAY THEY GOT IN IS THE SCARIEST PART..
They didn't hack GitHub's servers.. They poisoned a VS Code extension.. One GitHub employee installed it.. And the attackers walked through the front door using the employee's own credentials..
The group calls themselves TeamPCP.. They name their malware after the sandworms from Dune.. And they've been running the most sophisticated supply chain attack campaign in cybersecurity history..
Here's how the whole thing unfolded..
In March.. They poisoned Trivy.. One of the most trusted security scanners in the world.. Used by over 10,000 development workflows globally..
They injected credential-stealing malware into Trivy's official GitHub Action.. The malware ran silently BEFORE the security scan.. So every log showed "scan completed successfully" while the malware was stealing AWS keys, SSH credentials, database passwords, and Kubernetes tokens in the background..
It took Aqua Security 5 days to fully remove them..
Using the stolen credentials.. They breached Cisco Systems.. Cloned over 300 private repositories.. Including source code for unreleased AI products.. And repositories belonging to Cisco's customers.. Major banks.. Government agencies.. BPO firms..
In April.. They hit Checkmarx.. Another security vendor.. Poisoned 5 official Docker images in 83 minutes.. The scanner worked perfectly.. It just silently sent all your secrets to the attackers..
That automatically cascaded into Bitwarden.. The password manager.. Their CI/CD system pulled the poisoned Docker image.. And the attackers injected malware into Bitwarden's official CLI package published on npm..
One compromised security scanner poisoned a password manager.. Automatically.. No human involved..
In May.. They hit TanStack.. Libraries downloaded millions of times per week.. 84 malicious package versions across 42 packages..
And here's the terrifying part..
The malware scraped the raw memory of GitHub's build servers.. Extracted authentication tokens.. Used those tokens to bypass two-factor authentication.. And then published the infected packages with completely valid cryptographic signatures..
Every security verification tool on earth said the packages were legitimate.. Because they were signed by the real pipeline.. Using real keys.. The attackers just happened to be inside the pipeline when it signed..
They defeated the entire trust model of modern software supply chains..
The same week they hit the Nx Console VS Code extension.. 2.2 million installations.. The malware specifically targeted Claude Code configurations.. Hunting for AI assistant credentials..
That's a first.. Supply chain malware designed to steal your AI's access keys..
Then on May 19.. They revealed the GitHub breach.. 4,000 internal repositories.. Listed for sale at $50,000.. With a warning.. "If nobody buys it.. We leak everything for free"..
Their malware is self-propagating.. Once it infects one package.. It automatically finds every other package that developer maintains.. Steals the publish tokens.. And infects all of them.. Then those packages infect the next developer.. And the next..
It jumps between npm and PyPI automatically..
The group doesn't even do the extortion themselves.. They sell stolen credentials to ransomware gangs.. One gang used TeamPCP's data to threaten Cisco with leaking FBI and NASA personnel records..
And the scariest part of all..
They didn't break any encryption.. They didn't find any zero-days.. They exploited the fact that the entire software industry blindly trusts its own build tools..
Every security scanner.. Every Docker image.. Every VS Code extension.. Every GitHub Action.. Is a potential weapon if someone poisons it upstream..
And right now.. Nobody can tell the difference between a legitimate build and a compromised one..
Because the compromised ones have valid signatures too.
🚨 A new UNPATCHED Linux kernel “Dirty Frag” LPE flaw enables root access on Ubuntu, RHEL, Fedora and other distributions.
Researchers released a working proof-of-concept exploit capable of gaining root in a single command.
Details here: https://t.co/gxjVsS5pwo
In Claude Managed Agents, we’ve added multiagent orchestration, an outcomes loop for rubric-driven self-improvement, dreaming for self-learning, & webhooks.
Managing API keys is one of the top security concerns we hear from customers.
Today we’re introducing keyless auth for Claude Platform: authenticate via browser with the CLI, or let workloads use their existing cloud identity (AWS, GCP, Azure, or any OIDC token provider).
Claude Trading Folder
I’ve compressed the best trading prompts into one PDF
Get it for FREE:
• Like + Repost + Comment “TRADING”
• Follow me so I can DM you
Hablemos de CVE-2026-31431 o "Copy Fail" es una vulnerabilidad que afecta TODOS los kernels de Linux desde 2017 en adelante y permite ganar acceso root con una línea de código:
‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP.
The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years.
Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box.
The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root.
Result: the next time anyone runs that program, it lets the attacker in as root.
What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk.
Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants.
The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today.
This vulnerability affects the following:
🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root
🔴 Kubernetes and container clusters: one compromised pod escapes to the host
🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner
🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root
Timeline:
🔴 March 23, 2026: reported to the Linux kernel security team
🔴 April 1: patch committed to mainline (commit a664bf3d603d)
🔴 April 22: CVE assigned
🔴 April 29: public disclosure
Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module:
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true
For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...
¡Esta vulnerabilidad de Linux es una locura!
Afecta a casi todas las distribuciones desde 2017.
10 líneas de Python y consigues permisos root en cualquier sistema afectado.
Investigación humana asistida por IA.
Toda la info → https://t.co/VbEjWWCI6e
🛑 WARNING: Bitwarden CLI was compromised in a supply chain attack.
@bitwarden/[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.
🔗 Learn how the attack worked → https://t.co/xqqJ7a9REL