Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
A newly-disclosed exploit in Claude Code’s ‘auto-mode’ leaves developers facing remote code execution (RCE) vulnerabilities ...
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human ...
Proofpoint says UNK_MassTraction exploited patched Roundcube flaws to target U.S. and Canadian university mail servers.
With the ability to take control of distributed devices at scale, HalluSquatting has the potential to achieve various ...
CrashStealer uses a notarized macOS dropper to pass Gatekeeper, then steals browser, wallet, password manager, file, and ...
Omp (oh-my-pi) is a batteries-included terminal coding agent with LSP, debugger, subagents and hash-anchored edits. Here's ...
UAT-7810, the Chinese APT behind a prolonged espionage infrastructure campaign, has added new backdoors to its arsenal.
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, ...
Agentic coding tools vulnerable to command execution via DNS records ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results