Claude Report — 2026-06-25

🚀 Anthropic Official

Anthropic Accuses Alibaba of Large-Scale Distillation Attack on Claude (June 24)

Anthropic sent a letter to the U.S. Senate Banking Committee accusing operators linked to Alibaba's Qwen AI lab of conducting the "largest known distillation attack" on Claude — approximately 25,000 fraudulent accounts executing 28.8 million exchanges between April 22 and June 5 to systematically harvest Claude's software engineering and agentic reasoning capabilities. Anthropic is calling it "adversarial distillation" and is seeking government action to block the practice of extracting advanced model capabilities without primary R&D investment.

Claude as Agent Provider in GitHub Copilot for JetBrains IDEs — Public Preview (June 22)

Claude Code CLI enters public preview as a selectable agent provider inside GitHub Copilot for JetBrains IDEs (IntelliJ, PyCharm, WebStorm, and others); install the CLI, set the binary path in IDE settings, then select Claude from the agent picker. Currently runs in bypass-permissions mode (all edits auto-approved); configurable permissions are planned. The same release adds org/enterprise custom agent distribution to Copilot and a new async messaging interface for the Copilot CLI.

Claude Code v2.1.191 (June 24)

Adds /rewind support for resuming a conversation from before /clear was run; permanently stops background agents when stopped from the tasks panel (no more resurrection after navigating away); coalesces terminal text updates to 100 ms intervals, cutting CPU usage ~37% during streaming; reduces long-session memory growth from the terminal output cache; adds retry logic in MCP servers for transient network errors; improves the sandbox network permission dialog so hosts approved with "Yes" are remembered for the session.

Claude Code v2.1.186 (June 22)

Adds claude mcp login <name> and claude mcp logout <name> commands to authenticate MCP servers from the shell without entering an interactive session, with --no-browser support that prints the OAuth URL to stdout for SSH/headless environments; background subagents now surface permission prompts in the main session instead of silently auto-denying them; bash ! commands automatically trigger Claude responses (opt-out via "respondToBashCommands": false).

anthropic-sdk-python v0.112.0 + anthropic-sdk-typescript v0.106.0 (June 24)

Both SDKs simultaneously ship support for system.message streaming events (new event type in the Claude API stream); add a new refusal category to the API spec; and add support for sending a User Profile ID in request headers for downstream personalization. The Python SDK additionally fixes a bug in the memory tool that failed to create parent directories with the correct permissions.

🔌 Claude Code Plugins

Plugin ranking cache unavailable — no feature-level plugin updates confirmed in the window.

Unchanged in window: tracking skipped — plugin ranking cache unavailable this cycle

🛠️ Skills

None of the top 5 updated in window.

Unchanged in window: anthropics/knowledge-work-plugins, alirezarezvani/claude-skills, Piebald-AI/claude-code-system-prompts, glebis/claude-skills, ComposioHQ/awesome-claude-skills

🤖 Agents & Subagents

claude-agent-sdk-typescript v0.3.191 (June 24)

Adds old_source field to NotebookEdit tool results for replace and delete operations, enabling inline diff rendering in agent UIs; adds seven_day_overage_included to SDKRateLimitInfo.rateLimitType for per-model weekly usage limit tracking; adds model_scoped array to usage responses exposing per-model weekly limit windows, current utilization, and reset timestamps; fixes fast mode reverting to standard after the first turn when settingSources includes user/project settings files.

claude-agent-sdk-python v0.2.110 (June 24)

Bundles Claude CLI v2.1.191; all v2.1.191 improvements — /rewind-after-clear, ~37% streaming CPU reduction, MCP retry logic, and permanent background-agent stop — land automatically via pip install --upgrade claude-agent-sdk.

Unchanged in window: nicobailon/pi-subagents, Chachamaru127/claude-code-harness

🔗 MCPs & Integrations

awslabs/mcp 2026.06.20260625003520 (June 25)

CloudWatch Application Signals gains error pattern analysis with before/after comparison for incident RCA; the Redshift MCP server adopts sqlglot for safe read-only query parsing; the AWS Documentation MCP server surfaces per-result recommended sections in search_documentation responses; AWS CLI upgraded to v1.45.36 and a shared profile-aware logs client is implemented across servers.

Unchanged in window: github/github-mcp-server (last: June 18 v1.4.0), modelcontextprotocol/python-sdk (last: June 16 v2.0.0a2), modelcontextprotocol/typescript-sdk (last: June 16), portainer/portainer-mcp (last: June 18 v2.42.6)

💡 Community — Workflows & Ideas

No relevant news today.

📰 Quick Mentions

Relevant links that don't warrant a section of their own:

• claude-agent-sdk-python v0.2.107 (June 22) — bundles Claude CLI v2.1.186, delivering claude mcp login/logout and background-agent permission-prompt surfacing to Python agent code
• claude-code-action v1.0.157 (June 24) — new release with no published changelog; CI pipelines on @latest pick it up automatically
• Fable 5/Mythos 5 removed from paid plans (June 23) — both models were removed from Pro/Max/Team/Enterprise included benefits on June 23 (planned change predating the suspension); both remain offline globally as of June 24, twelve days after the US government export directive, with no public restoration timeline