Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Proofpoint says UNK_MassTraction exploited patched Roundcube flaws to target U.S. and Canadian university mail servers.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
UAT-7810, the Chinese APT behind a prolonged espionage infrastructure campaign, has added new backdoors to its arsenal.
With the ability to take control of distributed devices at scale, HalluSquatting has the potential to achieve various ...
A newly-disclosed exploit in Claude Code’s ‘auto-mode’ leaves developers facing remote code execution (RCE) vulnerabilities ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human ...
Omp (oh-my-pi) is a batteries-included terminal coding agent with LSP, debugger, subagents and hash-anchored edits. Here's ...
Agentic coding tools vulnerable to command execution via DNS records ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results