Claude Security beta, Adobe MCP, and 50+ Code fixes

Anthropic opened a private beta for Claude Security, an enterprise add-on that layers prompt injection detection, output classification, PII redaction, and per-request audit logs on top of standard API access. Apply via the console. GA expected Q3 2026.

OpenAI shipped GPT-4.1 with claimed improvements on coding and long-context tasks. Early community benchmarks show Claude 3.7 still leading on instruction following and tool use, with GPT-4.1 narrowing the gap on MATH and HumanEval.

Leaked internal benchmarks for deepseek-r2 circulated on Twitter. If accurate, the model closes within ~8% of Claude 3.7 on coding tasks at roughly 1/10th the API cost. Take with salt — provenance is unverified.

Alongside the beta launch, Anthropic published a field guide covering threat models for enterprise Claude deployments: prompt injection attack surfaces, jailbreak resistance baselines, output monitoring strategies, and recommended CLAUDE.md security headers.

A security researcher published a detailed case study on prompt injection propagation across a 3-hop Claude agent pipeline. The injected payload survived two tool-call boundaries. Anthropic confirmed the pattern and it informed the Claude Security beta design.

Claude Code 1.9.0 is the largest patch release since launch. Highlights: hooks system (PreToolUse, PostToolUse, Stop) promoted from experimental to stable; memory system performance at 2× prior speed; 50+ bug fixes across MCP integration, sub-agent spawning, and IDE extensions.

With hooks now stable, the community published a curated collection of pre-built hooks on GitHub. Popular hooks: auto-commit on Stop, Slack notification on task completion, cost tracker per session, and test-runner on PostToolUse Write.

A new /compact command in interactive Claude Code sessions summarizes and compresses the current conversation context in-place, freeing up context budget without starting a new session. Works well mid-task when you've been iterating on a file for a while.

Agent SDK 0.4.0 adds first-class streaming for tool call results (previously you had to buffer), configurable retry policies per tool, and a new AgentTrace object for structured observability without a third-party integration.

Adobe shipped an official MCP server covering Firefly image generation, Photoshop layer manipulation, and Frame.io review workflows. Enterprise customers can connect Claude to their Adobe org via API key. Community preview available on npm.

The MCP working group published a preview of the registry v2 spec. Breaking changes: server manifests require a capabilities field; auth is now OAuth-first; the tools array gains a required permissions sub-field. Migration guide in progress.

Toolprint is a browser-based visual editor for composing MCP tool pipelines. Drag-and-drop nodes, live test against Claude, export to skills.sh. Currently free in early access.

Cursor shipped 1.0 with agent mode promoted from preview. Uses Claude 3.7 under the hood for agent tasks by default. Notable: Cursor's YOLO mode (auto-accept all changes) is now opt-in per-session rather than global.

Anthropic closed a $3.5B Series F led by Google with participation from Spark Capital and General Catalyst. The round will fund model research, safety infrastructure, and enterprise go-to-market. AWS partnership terms reportedly extended through 2030.

Anthropic's interpretability team published findings showing internal representations in Claude 3.7 that loosely correspond to valence (positive/negative) and arousal states. The paper is careful not to claim sentience, but flags the features as relevant to model welfare research.