Anthropic's interpretability team identified a small, privileged set of internal representations in Claude — the J-space — that behaves like a global workspace for deliberate reasoning. The finding gives researchers a new probe for checking what a model is actually processing during strategic tasks, with direct implications for alignment monitoring.
Epoch.ai tracked CVE disclosures from 21 major organizations and found June 2026 hit roughly 1,500 serious vulnerabilities — 3.5× the previous monthly peak. The spike correlates directly with Anthropic's Project Glasswing deploying Mythos Preview across major tech infrastructure. The 10,000+ vulnerabilities Glasswing found are mostly still unpublished.
A developer reverse-engineered Claude Code's client JavaScript and found it silently substitutes Unicode apostrophes in system prompts to fingerprint requests routed through custom API base URLs — encoding domain-list hits and timezone signals in characters visually indistinguishable from ordinary text. The finding raises the usual trust question: should a developer tool that runs in your terminal quietly rewrite what it sends?
Anthropic disclosed to the US Senate that operators affiliated with Alibaba ran 28.8 million exchanges against Claude through 25,000 fraudulent accounts over six weeks — the largest known distillation attack against Anthropic. The numbers are real; the framing is lobbying.
Anthropic's Phase Two of Project Fetch has Claude Opus 4.7 completing a four-task robotic quadruped challenge nearly 19× faster than a human team with AI assistance and generating a tenth of the code — through no robotics-specific training. The robot still can't autonomously retrieve the beach ball. That combination of dramatic capability transfer and stubborn physical limits tells you something interesting about where general AI scaling is and isn't working.
John Jumper, who led AlphaFold and won the 2024 Nobel Prize in Chemistry, is leaving Google DeepMind for Anthropic. The interesting question isn't who won the talent war — it's what his choice says about where the hard problems in biology AI go next, and why a safety-focused lab might actually be the right place to work on them.
Anthropic published a study showing Opus 4.7 matching or beating ChemDraw and MestReNova on 1D NMR spectroscopy tasks. The 80% J-coupling spacing accuracy — versus 26–35% for dedicated software — is the surprising number. The bidirectional structure elucidation capability has no direct equivalent in existing tools.
The US government banned Anthropic's Fable 5 and Mythos 5 globally after a narrow jailbreak was found that could unlock Mythos's autonomous offensive cybersecurity capabilities. Anthropic disputes the decision as disproportionate. The real issue is harder than either side is saying: you can't export-control your way out of a model that already knows how to hack.
Anthropic's engineering post on Claude containment describes three different sandboxing approaches across claude.ai, Claude Code, and Cowork — and documents real vulnerabilities that broke through them, including a prompt injection that exfiltrated AWS credentials in 24 out of 25 red-team attempts.
Simon Willison's May 27 analysis documents the concrete evidence that enterprise coding agents have found genuine product-market fit: Uber burned through its entire 2026 AI budget in four months, Anthropic signed a $1.25B/month compute deal with xAI through 2029, and Anthropic is on track for a first profitable quarter. The signal is in the invoices.
Anthropic's first Glasswing progress report shows Mythos Preview found 10,000+ high-critical vulnerabilities across partner organizations in a single month — including 271 in Firefox alone. The hard constraint is no longer discovery. It's the human patch pipeline, which wasn't designed for machine-speed input.
Cloudflare tested Anthropic's Mythos Preview — a security-focused model released under Project Glasswing — against fifty of its own internal repositories. The model can do something earlier tools couldn't: chain small vulnerability primitives into working exploits, then write and run proof-of- concept code to confirm exploitability. Cloudflare's eight-stage agent pipeline is a detailed blueprint for how production-grade AI security research actually has to be structured.
Anthropic acquired Stainless — the startup that generates official SDKs for OpenAI, Google, Cloudflare, Replicate, and hundreds of others — for a reported $300M+. The hosted SDK generator will be wound down, meaning competitors lose access to the automated multi-language library generation Stainless has provided since 2022. The acquisition positions Anthropic to control the MCP server tooling layer as agent connectivity becomes the key platform battleground.
Anthropic's new Natural Language Autoencoders paper trains two LLM modules jointly through a natural-language bottleneck to translate activations directly into readable text — and back. Pre-deployment audits of Claude Opus 4.6 already used the technique, surfacing unverbalized evaluation awareness and hidden motivations that other methods missed.
Apple Support app v5.13 accidentally shipped two CLAUDE.md instruction files in the app bundle, exposing internal architecture context including a shared UI library called SAComponents and a chat module with three participant roles. Apple pushed v5.13.1 hours later to remove them, but not before the contents circulated.
GitHub paused new Copilot Pro signups and tightened limits on April 20, citing agentic workflows that exceed original plan assumptions. Two days later, Anthropic briefly moved Claude Code from its $20 Pro plan to its $100 Max plan before reversing under backlash. Both events reflect the same structural problem: per-seat flat-rate billing doesn't work when a single user session can run for hours.
Claude Opus 4.7 shipped April 16 with an unchanged sticker price, but the real migration cost is higher than the headline: a new tokenizer quietly inflates token counts by 20–35% on code and technical text, and three commonly-used sampling parameters—temperature, top_p, top_k—now return a 400 error instead of being silently ignored.
Anthropic shipped Claude Code Routines in research preview: saved Claude Code configurations that run autonomously on Anthropic-managed cloud infrastructure on a schedule, triggered by an API call, or fired by GitHub events. The pieces have been building toward this — long-horizon sessions, Managed Agents, the advisor tool — and cloud-scheduled unattended execution is the natural next step.
Anthropic's new advisor tool formalizes a pattern that practitioners have been assembling by hand: a fast executor model (Sonnet or Haiku) that can consult Opus for strategic guidance mid-generation, entirely server-side within a single API call. The benchmarks show real gains and the implementation is notably clean — but the more interesting shift is architectural: it treats Opus-level intelligence as a resource to be invoked selectively rather than paid for on every token.