SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
SecurityWeek

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...
ADTmag

Spring Tools 5.2.0 Adds Experimental Claude Code Plugin and Spring AI Support

The release includes an embedded MCP server that exposes Spring project analytics to AI coding assistants, along with first-class support for Spring AI and automated property refactoring.
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...