Anthropic is expanding its AI-powered code security program to 150 new partners from critical infrastructure sectors, as the initial 50 partners have already identified over 10,000 critical vulnerabilities.
The JINX-0164 group compromises crypto developers through fake LinkedIn job interviews to deploy the Python malware AUDIOFIX, which steals passwords, SSH keys, and cryptocurrency wallet data.
At least 32 Red Hat npm packages were infected with a credential stealer that simultaneously manipulated GitHub workflows to publish additional packages with forged SLSA attestations and expand supply chain access.
Enterprise security is transforming from static breach assumptions to AI-orchestrated, hyper-segmented defense models with dynamic access control policies.