2 Matching Annotations
  1. Jun 2026
    1. Over 99% of the vulnerabilities we've found have not yet been patched, so it would be irresponsible for us to disclose details about them. Yet even the 1% of bugs we are able to discuss give a clear picture of a substantial leap in what we believe to be the next generation of models' cybersecurity capabilities.

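      "99% not yet patched" reveals a stark reality: what this blog post discusses is only the tip of the iceberg of the vulnerabilities Anthropic knows about. The time cost of the responsible disclosure process (90+45 days) means that before these vulnerabilities are made public there is a long window during which only Anthropic and its partners know they exist. The SHA-3 commitment mechanism is a commendable accountability tool, but it cannot solve the underlying information asymmetry.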

  2. Apr 2026
    1. we probably will publish more curl vulnerabilities in 2026 than we have done in many years, maybe ever.

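      Most people assume that as security practices improve, the number of software vulnerabilities should decrease, but the author predicts that the number of curl vulnerabilities published in 2026 may hit an all-time high. This view challenges the mainstream belief that 'the state of security keeps improving' and suggests that AI security auditing tools may be finding more vulnerabilities that were overlooked in the past.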