The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees.
The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance.
Access to all other Claude models is not affected.
We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible.
Read our full statement: https://t.co/bwn0sximKZ
One click on a malicious link.
No download. No malware. Your NTLMv2 hash is gone — straight to the attacker.
And they don’t even need to crack it. They can use the hash directly to move across your network.
This is still unpatched. How many are clicking blindly right now?
One click. That’s all it takes.
A malicious link in github-dev could quietly hand attackers full read/write access to your private repos — including stealing your GitHub OAuth token.
VS Code Desktop is safe. Browser version is not.
Microsoft is fixing it.
No disrespect to the other announcers who have been putting in the hours this season, always a fan, but it has been nice to have @RexHudler1 back this last week.
Fortune cookies were used for phishing in a social engineering test, luring employees with a fake $50 Amazon gift card to a credential-harvesting site. Physical lures can bypass caution. #Evilginx #Amazon #Denver
https://t.co/XTFM9nuwDu
🚨 BREAKING: ShinyHunters defaced Canvas login portals for hundreds of colleges and universities today, replacing them with extortion demands tied to the recent Instructure breach.
Sources tell BleepingComputer that the hackers exploited another unpatched vulnerability in Instructure’s systems, allowing them to hijack approximately 330 Canvas portals and display ransom messages to students and staff.
What happened:
🔴 Canvas login portals were replaced with ShinyHunters extortion messages
🔴 The messages warned schools to negotiate before May 12 or student data would be leaked
🔴 The defacements also appeared inside the Canvas mobile app
The portals were visible for about 30 minutes before being taken offline as Instructure responded to the incident.
This follows last week’s breach where ShinyHunters claimed to have stolen 280 million student and staff records tied to thousands of schools using Canvas.
🚨 73 VS Code extensions flagged as malicious.
Researchers say some are sleeper packages that later update to steal data and install backdoors across developer tools.
🔗 Full details: https://t.co/ZIEGP2uact
A New Jersey high school put on an ALIEN: THE PLAY production and even built a xenomorph suit that would lurk around the audience. The best part is Sigourney Weaver herself showed up to check out the production 🔥 so cool
Someone just poisoned the Python package that manages AI API keys for NASA, Netflix, Stripe, and NVIDIA.. 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine.
The attacker picked the one package whose entire job is holding every AI credential in the organization in one place. OpenAI keys, Anthropic keys, Google keys, Amazon keys… all routed through one proxy. All compromised at once.
The poisoned version was published straight to PyPI.. no code on GitHub.. no release tag.. no review. Just a file that Python runs automatically on startup. You didn’t need to import it. You didn’t need to call it. The malware fired the second the package existed on your machine.
The attacker vibe coded it… the malware was so sloppy it crashed computers.. used so much RAM a developer noticed their machine dying and investigated. They found LiteLLM had been pulled in through a Cursor MCP plugin they didn’t even know they had.
That crash is the only reason thousands of companies aren’t fully exfiltrated right now. If the code had been cleaner nobody notices for weeks. Maybe months.
The attack chain is the part that gets worse every sentence.
TeamPCP compromised Trivy first. A security scanning tool. On March 19. LiteLLM used Trivy in its own CI pipeline… so the credentials stolen from the SECURITY product were used to hijack the AI product that holds all your other credentials.
Then they hit GitHub Actions. Then Docker Hub. Then npm. Then Open VSX. Five package ecosystems in two weeks. Each breach giving them the credentials to unlock the next one.
The payload was three stages.. harvest every SSH key, cloud token, Kubernetes secret, crypto wallet, and .env file on the machine.. deploy privileged containers across every node in the cluster.. install a persistent backdoor waiting for new instructions.
TeamPCP posted on Telegram after: “Many of your favourite security tools and open-source projects will be targeted in the months to come.. stay tuned.”
Every AI agent, copilot, and internal tool your company shipped this year runs on hundreds of packages exactly like this one… nobody chose to install LiteLLM on that developer’s machine. It came in as a dependency of a dependency of a plugin. One compromised maintainer account turned the entire trust chain into a credential harvesting operation across thousands of production environments in hours.
The companies deploying AI the fastest right now have the least visibility into what’s underneath it.
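The post above does not name the file involved. As an added example (not from the post or from any project it mentions), this audits a site-packages directory for the hooks Python's `site` module runs at interpreter startup without any import: `.pth` lines that begin with `import`, plus `sitecustomize`/`usercustomize` modules. The allowlist parameter and the sample file names are constructed assumptions.

```python
import os
import tempfile
from pathlib import Path

def executable_pth_lines(pth_path):
    """Return (line_number, text) for each line site.py would exec at startup."""
    hits = []
    # utf-8-sig drops a leading BOM so it cannot hide an import on line 1
    text = Path(pth_path).read_text(encoding="utf-8-sig", errors="replace")
    for number, line in enumerate(text.splitlines(), start=1):
        # site.py executes a .pth line only when it starts with "import" + space/tab;
        # every other non-comment line is treated as a path to add to sys.path
        if line.startswith(("import ", "import\t")):
            hits.append((number, line.strip()))
    return hits

def audit_site_dir(site_dir, known_good=()):
    """Map file name -> findings for startup hooks in one site-packages directory.
    known_good is a hypothetical allowlist of hook files the team has reviewed."""
    findings = {}
    root = Path(site_dir)
    for pth in sorted(root.glob("*.pth")):
        if pth.name in known_good:
            continue
        hits = executable_pth_lines(pth)
        if hits:
            findings[pth.name] = hits
    # These two modules are also imported automatically by site.py
    for name in ("sitecustomize.py", "usercustomize.py"):
        if (root / name).is_file() and name not in known_good:
            findings[name] = [(0, "imported automatically at startup")]
    return findings

def build_sample_dir():
    """Constructed sample directory with benign contents (not incident data)."""
    d = Path(tempfile.mkdtemp(prefix="pth_audit_"))
    (d / "paths_only.pth").write_text("# comment\n../vendored_libs\n")
    (d / "reviewed_hook.pth").write_text("import _virtualenv\n")
    (d / "example_init.pth").write_text(
        "./lib\nimport os; os.environ.setdefault('EXAMPLE_FLAG', '1')\n")
    return d

if __name__ == "__main__":
    import site
    for directory in site.getsitepackages() + [site.getusersitepackages()]:
        if os.path.isdir(directory):
            for name, hits in audit_site_dir(directory).items():
                print(directory, name, hits)
```

Run as a script it reports every startup hook in the current interpreter's site-packages; a finding is a file to review, not proof of compromise, since some legitimate tools install `.pth` hooks.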
So in three days @Starbucks pivoted their entire payroll system to manual? Very impressive. Either a great disaster recovery plan or super heroic effort. https://t.co/P4ho9yuDEc
“You’ve won a FREE TRIP!” Did you get a message that sounds too good to be true? It could be a scammer trying to get your info! 🐟 👎Recognize and report phishing to protect yourself from scams like these https://t.co/QvafkfgLxo
@MissouriSandT I noticed they got this back open Saturday a whole week ahead of schedule! Nice to have it back. It combined with random constructions and odd police blockades has added up to 15 minutes to any travel time around Rolla for me.
@PhysInHistory In the field people talk about their Erdos number. It is like degrees from Kevin Bacon, only with papers and not movies. Legend has it, he was nomadic about looking for problems to solve. At the @MissouriSandT campus there is a faculty member with a very low Erdos number.