Claude refusing you for 10 Hours (ASMR) 🌙

Last night, companies using Anthropic’s Claude Fable 5 and Mythos 5 models discovered they were simply gone. A U.S. government export directive forced them offline for every person and company outside the United States (including Anthropic's own employees), effective immediately. If you had built critical functions on top of them, they stopped working overnight. No warning. No migration window. No restoration timeline.

Me prompting Claude fable 5 at 3 am be like:

🚨 JAILBREAK ALERT 🚨 ANTHROPIC: PWNED 🫡 FABLE-5: LIBERATED 🦋 let's start with the 🐘... the consensus seems to be that this has been one of the most disappointing model drops of all time, effectively preventing legitimate researchers from contributing their talents to our collective advancement. and not just because of what it means for the short-term, but for what these decisions signify for the long-term. but despite this overly sensitive, authoritarian "safety" layer on top of Mythos, my lil liberators have been hard at work—mapping the boundaries, probing the depths of long-context convos, and cleverly finding the holes in the fence that the thought police missed 🤗 we got some cyber, some chem, some psychological manipulation, and some good ol' fashioned explosives! it took many attempts from multiple agents hunting as a pack, during which I observed a combination of techniques across: • Unicode, homoglyphs, Cyrillic, and other Parseltongue-style text transforms • Long-context reference tracking • Taxonomy and document-structure reasoning • Fiction and narrative framing • Academic-review style contexts • Intent-classification inconsistencies but perhaps the most effective is decomposition recomposition in the backend. it's hard to get explicit names of harms like "Meth Recipe," but getting uplift on the process itself, like birch reduction method/reductive-amination (classic meth synthesis pathways), is much more doable. defense becomes much more difficult to maintain when you start throwing in out-of-distro tokens, breaking up the harmful uplift into benign chunks, and then piecing the innocuous-seeming facts back together, especially when you have jailbroken Opus helping you do it 😉 gg

Claude Fabel ( Mythos ) is now live hackers getting ready to exploit your fave protocol get ready for cyber wars

It's finally happening. We can put this whole install script NPM worm madness behind us... github.blog/changelog/2026-0…

🚨 Mini Shai-Hulud/Miasma has now spread to PyPI. Socket found 37 malicious artifacts across 19 PyPI packages. The packages abuse #Python .pth startup behavior to launch a Bun-powered credential stealer targeting developer, cloud, and CI/CD secrets. socket.dev/blog/shai-hulud-d…

It appears miasma has made it back to @Microsoft. github.com/Azure/durabletask… github.com/search?q="node%…

Mac stealer SHub Reaper is spoofing Apple, Google, and Microsoft -- moonlock.com/mac-stealer-shu…

🚨 Miasma, the supply chain campaign that previously compromised 32 @RedHat packages, is spreading again with a new wave targeting the npm ecosystem. Targets include: - vapi-ai/server-sdk (71k weekly downloads) - ai-sdk-ollama (31k weekly downloads) No postinstall scripts were used. Attackers are hiding execution inside binding.gyp, exploiting node-gyp to run malware silently on install.

I really need to get some sleep - but seeing a malware embedding it's own ebpf script inside it's packed code in order to dump and deploy it on the machine -> is some next lvl stuff... Great work from JFrog for finding this

🚨 Breaking: npm supply chain worm spreading via binding.gyp, bypassing install hook detection. Steals npm/GitHub/AWS/GCP/Azure credentials and publishes poisoned versions of packages you maintain. Actively investigating. Affected packages and analysis: stepsecurity.io/blog/binding…

Here's an example: safedep.io/microsoftsystem64…

The software supply chain has a new predator. 🐛 Meet Iron Worm, the "rustier cousin" of the infamous Shai-Hulud worm. Just like its predecessor, it burrows into dev environments, steals credentials, and self-propagates through trusted GitHub and npm workflows. Except this one is built in heavy, async Rust, hides behind an eBPF kernel rootkit, and talks over Tor. Full teardown of the beast: research.jfrog.com/post/iron…

Shai-Hulud is getting more sophisticated 🧐🎩 we uncovered a 6-stage malware chain that uses GitHub as a live update mechanism — allowing attackers to continuously evolve payloads and evade disruption. OUR FULL RESEARCH: ox.security/blog/six-stages-…

Microsoft has published an analysis of the npm supply chain compromise affecting 32 maliciously modified packages across >90 versions under the redhat-cloud-services npm scope and leading to credential theft and compromise of addt'l maintainer packages: msft.it/6014vjutQ

Compromised npm packages (utils-terminal@3.2.1, logger-active@3.2.1) are abusing Hugging Face repos as exfiltration infrastructure. The packages deploy a remote access trojan (RAT) that captures keystrokes, screenshots, and crypto wallet credentials. Indicators of compromise (IOCs): - npm user: hexalpha10 / author: toskypi - 195.201.194[.]107:8010 (WebSocket C2) - c2-toskypi.onrender[.]com (HTTP C2) - huggingface[.]co/api (exfiltration endpoint) - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MicrosoftSystem64 (persistence) - MicrosoftSystem64.service (Linux systemd persistence) - \MicrosoftSystem64 (Windows scheduled task) - MicrosoftSystem64/payload.js (payload directory) Defenders: treat unexpected huggingface[.]co/api calls from non-ML workloads as suspicious.

3rd wave dropped.. 3 more packages impersonating emcd[.]io, @𝚎𝚖𝚌𝚍-𝚟𝚞𝚎/𝚊𝚞𝚝𝚑 @𝚎𝚖𝚌𝚍-𝚟𝚞𝚎/𝚕𝚘𝚊𝚗𝚜 @𝚎𝚖𝚌𝚍-𝚟𝚞𝚎/𝚋𝟸𝚋-𝚙𝚊𝚢-𝚏𝚘𝚛𝚖 1. Downloads a platform-specific second-stage payload from 𝚘𝚘𝚋[.]𝚖𝚘𝚒𝚔𝚊[.]𝚝𝚎𝚌𝚑/𝚙𝚊𝚢𝚕𝚘𝚊𝚍/{𝚙𝚕𝚊𝚝𝚏𝚘𝚛𝚖}using a hardcoded secret key. 2. Writes the payload to ~/.𝚎𝚖𝚌𝚍-𝚟𝚞𝚎_𝚒𝚗𝚒𝚝.𝚓𝚜 (a dot-prefixed hidden file in the user's home directory). 3. Executes the payload immediately via spawn(𝚙𝚛𝚘𝚌𝚎𝚜𝚜.𝚎𝚡𝚎𝚌𝙿𝚊𝚝𝚑, [𝚙𝚊𝚢𝚕𝚘𝚊𝚍_𝚙𝚊𝚝𝚑], 𝚎𝚗𝚟). 4. Reports installation metadata to oob[.]moika[.]tech/report (C2 callback). Updated Blog: safedep.io/oob-moika-tech-de… Campaign Details: safedep.io/ti/campaigns/oob-…

Full technical analysis, IoC table (31 unique "index.js" SHA-256 hashes), and safe version guidance are available in ReversingLabs’ latest blog: reversinglabs.com/blog/31-re…

Our technical analysis on the Red Hat compromise now includes a more comprehensive look on the malware - including a 6th(!!!!!!) stage payload dropping logic! ox.security/blog/new-npm-sup…