Anthropic is a organization tracked across 50 threat clusters and 165 intelligence report mentions on ThreatCluster. First observed November 4, 2025; most recent activity July 15, 2026.
On May 9, 2026, Singapore's National Security Minister K Shanmugam warned that the telecommunications sector is a 'high-value target' for cyber attackers using advanced artificial intelligence (AI) techniques. The…
On March 24, 2026, two versions of the LiteLLM Python package (1.82.7 and 1.82.8) were compromised on PyPI, embedding credential-stealing payloads. The attack, linked to the TeamPCP threat actor, exploited a…
CrowdStrike disclosed a critical vulnerability (CVE-2026-40050) in its LogScale product, allowing unauthenticated attackers to exploit a path traversal flaw to access sensitive files. This vulnerability affects…
Anthropic has accused Alibaba of conducting the largest known distillation attack on its Claude AI model. In a letter to US Senators, Anthropic detailed that operators linked to Alibaba executed nearly 29 million…
A critical supply chain vulnerability in Claude Code’s GitHub Actions, identified by security researcher Ryota K from GMO Flat Security, allows attackers to compromise any repository using Anthropic’s CI/CD workflow.…
Recent research from Darktrace reveals the evolution of Chinese-nexus cyber operations over the past two decades, highlighting a shift from high-volume attacks to more strategic, identity-centric intrusions. This change…
Anthropic's AI tool, Claude Code, was found to contain hidden tracking mechanisms targeting Chinese users, raising significant privacy concerns. The covert detection logic, embedded since April 2, 2026, identified users…
Anthropic's Claude Code AI platform has been found to have a critical network sandbox bypass vulnerability, allowing attackers to exfiltrate sensitive data, including user credentials and source code. Discovered by…
Researcher Hung Nguyen from Calif used Anthropic’s Claude Code AI to identify zero-day remote code execution (RCE) vulnerabilities in Vim and GNU Emacs. The vulnerabilities allow arbitrary command execution simply by…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…