🚨BREAKING: The U.S government gave Anthropic 90 minutes to shut down Fable and Mythos “Amazon AND others” called senior administration officials to warn about models’ capabilities Then: 1:00pm: Government calls. “Take it down.” Cites “national security threat.” No details. Anthropic asks what the threat is so they can fix it. Government said NO. 5:30pm: Commerce letter arrives with export controls. You have 90 minutes…

The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…

@ClaudeDevs @bcherny, please help me understand. Does this mean that automatically, I was switched to Opus when trying to use Fable?

It's not you, it's me:

The OpenAI API and Codex are now on Amazon BedRock 🎉

💡Recent insight: gaslighting @claudeai seems to improve code quality >90% of the time. “You overengineered this, there is a simpler way” “There is a smaller delta that buys us most of the benefits” “There is a more elegant way” “This is not architecturally coherent” …before I even read its code. 😆

I smell a takedown in 3...2...1 clawd.rip/

wait... you did what?!

🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.​io. Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems. TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys. Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.

Update: Google has re-opened the report and is now treating it as a P0 bug

We just shipped NVIDIA-Verified Agent Skills 🔐 Skills make your agent more capable, but can also introduce vulnerabilities. Verified skills give you transparency into what a skill does, where it came from, what risks it carries, and whether it's been modified. Every verified skill carries a skill card and is built on the agentskills.io open specification to work reliably across @claudeai Code, @openai Codex, and @cursor_ai.

Don’t forget to install Socket Firewall too! socket.dev/blog/introducing-…

Deleting a Google API key doesn't revoke it immediately. Our research found successful authentications up to 23 minutes after deletion across Google's infrastructure. During that window, attackers with a leaked key can still access enabled APIs, including Gemini. Google closed our report as "won't fix."

We're benchmarking every model, every quant, on every different hardware setup for every price point. All developers, companies, and people will have access to local, open source intelligence. Releasing soon.