AI's Dual Edge: Anthropic's DMCA Blunder and a Looming Cybersecurity Crisis

Theo - t3․gg
#ai #cybersecurity #dmca #anthropic #github

Software developer and streamer “Theo” recently revealed a surprising DMCA incident involving Anthropic. While covering the leaked Claude source code, Theo received a Digital Millennium Copyright Act strike on GitHub. Intriguingly, the DMCA was not aimed at a fork of the illicitly leaked source but at Theo’s fork of Anthropic’s official Claude code repository, where he had made a trivial one-word change. This broad and erroneous enforcement, which initially targeted an estimated 8,100 repositories, was swiftly retracted by Anthropic for all but 97 specific repos containing the actual leaked code and its direct forks. Anthropic employees publicly attributed the blunder to a “communication mistake,” a rare instance of transparent, human-centric engagement that Theo noted was a positive, albeit forced, response to crisis. Despite the retraction, Theo criticized Anthropic’s overall strategy, arguing that the entire crisis stems from their insistence on keeping Claude closed-source, making them vulnerable to such incidents.

The stream also delved into the alarming advancements of AI in cybersecurity, painting a grim picture for future digital safety. Leading models like Claude and GPT-5 are demonstrating unprecedented capabilities in identifying software vulnerabilities. Instances include remote kernel RCEs discovered with Claude in under 40 prompts, and AI-assisted exploits in popular frameworks like React and Next.js. OpenAI reportedly reroutes security-sensitive queries from its advanced GPT-5.3 and 5.4 models to the less capable 5.2, acknowledging the “insane” potential for misuse. Security experts, including Thomas (a respected technologist), now foresee a “post-attention scarcity world” where AI agents can tirelessly hunt for zero-day vulnerabilities across all software, from operating systems to critical infrastructure. This shift portends a future where exploit development is democratized, overwhelming open-source projects with high-severity bug reports and raising concerns about ineffective political regulation, ultimately threatening the core tenets of vulnerability research and internet security.