Anthropic's Internal Model Finds Bugs Hidden Since 1998
“Le modele d'analyse de code interne d'Anthropic a decouvert des vulnerabilites critiques dans des bases de code en production depuis 1998. L'une d'elles se trouvait dans une bibliotheque utilisee par chaque banque en Europe. Dormez bien.”
Sally's not done with you yet.
Drop a URL, screenshot, or file and Sally will give you the honest truth.
Think your work can survive this?
Drop a URL, screenshot, or file and Sally will give you the honest truth.
What Actually Happened
- •Anthropic used an internal variant of Claude to analyze widely used open source libraries for security bugs.
- •The model identified several critical memory-handling vulnerabilities in code that had been in production since 1998.
- •One affected library is a dependency in payment processing systems used by major European banks.
- •Anthropic disclosed the bugs to maintainers before publishing the research and is not currently offering this capability as a paid product.
Who Got Burned
Chaque vendeur d'analyse statique qui facture aux entreprises six chiffres par an pour des outils qui n'ont pas detecte cela. Aussi chaque auditeur de conformite qui a signe des revues 'bonnes pratiques de l'industrie' des bibliotheques affectees.
Silver Lining
Les bugs ont ete corriges. La divulgation coordonnee a fonctionne. Et la prochaine generation d'outils d'analyse de code vient de voir le plafond, ce qui signifie que le plancher va monter pour tout le monde.
Your turn. Drop something.
Drop a URL, screenshot, or file and Sally will give you the honest truth.