RSS
Last updated: May 13, 2026 at 5:42 AM UTC
All 208 Vulnerability 72 Breach 41 Threat 88 Defense 7
Tag: sentinelone (2 articles)Clear
threat
2026-04-30

Anthropic launches 'Claude Security' for enterprises - the first major defensive product designed to keep up with AI-powered exploits that compress the time-to-attack to minutes

Anthropic launched Claude Security in public beta yesterday, an enterprise tool that scans code repositories for vulnerabilities, rates each finding's severity and confidence, and generates patch instructions that engineers can apply through Claude Code. The launch is direct response to Mythos and similar AI-driven offensive tools that have been compressing the time between vulnerability disclosure and active exploitation - LiteLLM was exploited 36 hours after disclosure last week, LMDeploy in 13 hours the week before. CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, Trend, and Wiz are integrating Claude Opus 4.7 into their platforms.

anthropicclaude-securityclaude-opus-4-7mythosai-defensetime-to-exploitenterprisecrowdstrikemicrosoftpalo-altosentinelonewiz
Check
If your organization holds a Claude Enterprise subscription, evaluate Claude Security against your existing static analysis tools this week.
Affected
Claude Enterprise customers can access Claude Security in public beta now via claude.ai/security or the Claude.ai sidebar. No API integration required. Team and Max access is coming soon. The deeper relevance is for any security team facing the new exploitation cadence: AI-driven offense has shrunk the patch window for several recent disclosures.
Fix
Pilot Claude Security on a non-critical repository first - point it at a side project before pointing it at production code. Scheduled scans give ongoing coverage rather than one-off audits. Pair the output with Claude Code on the Web to work through patches in a single session. For organizations not on Claude Enterprise: evaluate Aisle, Wiz Code, or GitHub Copilot Autofix on confidence rating and false positive rate.
threat
2026-04-25

Researchers find 20-year-old malware that secretly faked engineering math results

Researchers at SentinelOne found malware from 2005 that did something nobody had documented before: it quietly made engineering simulation programs give wrong answers. Instead of stealing data or crashing systems, it tampered with the math behind tools like LS-DYNA (used to design things like car crash safety and weapons), so the results looked normal but were subtly off. The malware, called fast16, is older than Stuxnet - the famous attack on Iran's nuclear program - by five years. Its name appears in leaked NSA files, suggesting the US built it. Discovered via an old file uploaded to VirusTotal in 2016.

fast16sentinelonestuxnetsabotageluaengineeringls-dynapkpmmohidshadowbrokershistorical
Check
If your environment includes engineering or scientific simulation software (LS-DYNA, PKPM, MOHID, ANSYS), treat the SentinelOne IoCs as a hunt opportunity even on legacy hardware.
Affected
Organizations using high-precision engineering simulation tools - LS-DYNA, PKPM structural analysis, MOHID hydrodynamics - in defense, civil engineering, energy, automotive, or research contexts. The fast16 driver only runs on pre-Windows 7 single-core hardware, so the active risk is forensic. The calculation-corruption pattern is the threat model worth understanding.
Fix
Pull SentinelOne's published YARA rules and IoCs and run them against archived disk images, retired engineering workstations, and air-gapped pre-2010 systems. The broader operational lesson: treat simulation outputs as a high-value target. Audit who can modify simulation binaries, sign and verify simulation results, and add integrity checks to long-running calculation pipelines.