Canada's Daily Cybersecurity Intelligence
Claude Code GitHub Action Flaw Enabled Full Repository Takeover via a Single Bot Issue A critical vulnerability in Anthropic’s Claude Code GitHub Action gave attackers the ability to fully compromise any public repository running the tool, using nothing more than a single GitHub issue submitted by a bot account. Discovered by security researcher RyotaK of … Read more
AI-Built Ransomware Toolkit Automates EDR Evasion, Leverages Claude Agents for Attack Development Researchers at Sophos have uncovered an active threat actor operating a fully functional, AI-built ransomware toolkit that automates Active Directory (AD) reconnaissance, systematically tests endpoint detection bypass techniques, and uses multiple AI agents, including one powered by Claude Opus 4.5, to build and … Read more
Anthropic Confirms Claude Mythos AI Models Are Coming to the General Public Anthropic has confirmed that it will bring Claude Mythos-class models to general public availability, ending one of the most tightly controlled AI model restrictions in the industry. The company withheld the model from public release since April 2026, citing the risk that a tool capable … Read more