#cybersecurity

Anthropic put Claude Code Security into limited research preview for Enterprise and Team customers. The tool reasons over whole codebases, ranks severity and confidence, and proposes patches for human review.

IBM says attacks that started with exploitation of public-facing applications rose 44% year over year in its 2026 X-Force Threat Index. The report also says vulnerability exploitation made up 40% of incidents observed in 2025 and that more than 300,000 ChatGPT credentials were exposed by infostealers.

The Anthropic-Mozilla collaboration that spread on Hacker News disclosed that Claude Opus 4.6 found 22 Firefox vulnerabilities, 14 of them high-severity. The durable lesson is not autonomous magic but faster defender workflows built around validation, triage, and reproducible evidence.

Microsoft Threat Intelligence said on March 6, 2026 that attackers are now using AI throughout the cyberattack lifecycle, from research and phishing to malware debugging and post-compromise triage. The report argues that AI is not yet running fully autonomous intrusions at scale, but it is already improving attacker speed, scale, and persistence.

Anthropic published a March 6, 2026 case study showing how Claude Opus 4.6 authored a working test exploit for Firefox vulnerability CVE-2026-2796. The company presents the result as an early warning about advancing model cyber capabilities, not as proof of reliable real-world offensive automation.

OpenAI’s February 2026 safety report says it banned accounts linked to seven operations originating in China. The company says abuse covered cyber activity, covert influence, and scams, while overall malicious use remained low versus legitimate use.

OpenAI and Paradigm launched EVMbench, a benchmark for AI agent performance on smart contract detection, patching, and exploitation tasks. OpenAI reports GPT-5.3-Codex scored 72.2% in exploit mode versus 31.9% for GPT-5.

NVIDIA announced an OT and ICS cybersecurity push with partners including Akamai, Forescout, Palo Alto Networks, Siemens, and Xage. The architecture combines BlueField-based edge enforcement with centralized AI analysis to improve resilience in critical infrastructure.

OpenAI announced Frontier Alliances on February 23, 2026, positioning a partner-led model for enterprise AI transformation. The program formalizes collaboration across strategy, implementation, and domain workflows.

SecurityScorecard's STRIKE team found 40,214 OpenClaw AI agent instances exposed to the public internet with no authentication. Over 12,000 are vulnerable to Remote Code Execution, and attackers who compromise them inherit full system access including SSH keys, browser sessions, and filesystem control.

Anthropic has released Claude Code Security in limited research preview, targeting vulnerability discovery and patch suggestion workflows while keeping human approval at the center.

On February 20, 2026, Anthropic introduced Claude Code Security in limited research preview. The feature scans codebases for vulnerabilities and proposes patches, while keeping final remediation decisions under human review and approval.