SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

'NoVoice' Android malware on Google Play infected 2.3 million devices

A new Android malware dubbed NoVoice exploited known vulnerabilities to gain root access and has been distributed through ...
GitHub

mbay7/claude-code-security

Runtime security for Claude Code workspaces. Blocks prompt injection, memory poisoning, secret exposure, and hook tampering — automatically, at every session ...
GitHub

context-file-injection.code-task.md

But agents often need to write longer research/analysis that doesn't fit the memory format. Currently this requires explicit PROMPT.md instructions like "write findings to .agent/". This should be a ...
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source ...
IEEE

VulKiller: Java Web Vulnerability Detection with Code Property Graph and Large Language Models

Abstract: In recent years, web application development has become more efficient, yet vulnerabilities still pose significant risks. Traditional static and dynamic detection techniques are prone to ...
IEEE

Detecting Reentrancy Vulnerabilities for Solidity Smart Contracts With Contract Standards-Based Rules

Abstract: The reentrancy vulnerability is one of the most notorious vulnerabilities of smart contracts. It enables attackers to hijack the control flow of a smart contract by invoking a function as ...