A flaw in Anthropic’s Claude Code GitHub Action allowed an attacker to hijack public repositories simply by opening a malicious GitHub issue, requiring no authentication or special access. Because Anthropic’s own repository used the same vulnerable workflow, a successful attack could have injected malicious code into the action itself, poisoning every downstream project that consumes it. Researcher RyotaK of GMO discovered and reported the issue.

Architect’s Take: Audit any GitHub Actions workflows that trigger on untrusted events such as ‘issues’ or ‘pull_request_target’ and ensure they do not have write permissions or access to secrets without explicit trust gates. If you use Claude Code GitHub Action, verify you are pinned to a patched version and review your workflow permissions using the principle of least privilege.

Original advisory: Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Agentic AI systems are increasingly being deployed in defence and security networks, but this introduces new attack surfaces — illustrated by reports that an unauthorised group claimed access to Anthropic’s Claude Mythos model within hours of a limited technical preview. The incident highlights that AI capabilities in high-stakes environments are only as secure as the infrastructure underpinning them. Without robust access controls, segmentation, and identity governance, agentic AI deployments can become a significant liability rather than a force multiplier.

Architect’s Take: Before onboarding any agentic AI model into sensitive or defence-adjacent environments, conduct a thorough access control review: enforce least-privilege API access, implement strict identity verification for model endpoints, and ensure AI workloads are isolated within dedicated network segments with full audit logging enabled.

Original advisory: Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Anthropic has expanded its Glasswing partner programme fourfold, inducting 150 new organisations including the first non-US members, while UK banks have notably been excluded from the initiative. In parallel, OpenAI is offering UK financial institutions access to GPT-5.5, highlighting a competitive dynamic in AI partnerships within the regulated financial sector. The exclusion raises questions around data sovereignty, regulatory compliance, and which AI vendors UK-regulated entities can practically partner with.

Architect’s Take: Cloud security architects at UK financial institutions should assess the compliance and data residency implications of both OpenAI and Anthropic offerings before committing to either platform, paying close attention to FCA and PRA guidance on third-party AI risk and ensuring any AI partnership agreements include robust contractual controls around data handling and model governance.

Original advisory: UK banks offered access to OpenAI’s GPT-5.5 amid exclusion from Anthropic’s Glasswing expansion

Anthropic has expanded its Glasswing partner programme fourfold, inducting 150 new organisations including the first non-US members, while UK banks have notably been excluded. OpenAI has moved to fill the gap by offering UK financial institutions access to GPT-5.5. The development highlights growing competitive dynamics in enterprise AI access and raises questions about supply chain concentration risk for financial sector security teams.

Architect’s Take: Cloud security architects in UK financial services should assess the security posture, data residency commitments, and compliance certifications of any AI provider they are offered as an alternative — do not treat OpenAI’s GPT-5.5 access as a like-for-like replacement for Anthropic without conducting due diligence on API security controls, data handling agreements, and regulatory alignment with FCA/PRA expectations.

Original advisory: UK banks offered access to OpenAI’s GPT-5.5 amid exclusion from Anthropic’s Glasswing expansion

Cisco has publicly praised its AI model ‘Mythos’ for its performance in automated vulnerability discovery but has declined to disclose the number of bugs it actually found. Separately, Anthropic has expanded its Project Glasswing initiative by adding 150 new partners, signalling growing industry investment in AI-driven security tooling. The opacity around Mythos’ results raises questions about transparency and how organisations should evaluate AI security claims.

Architect’s Take: Treat vendor claims about AI-driven vulnerability discovery with scepticism until independently verifiable metrics are published — when evaluating AI security tooling, demand concrete, auditable outputs such as CVE counts, false-positive rates, and coverage scope before committing to any platform.

Original advisory: Cisco sings Mythos’ praises - but doesn’t say how many bugs the model uncovered