SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

U.S. analyst’s missed remark surfaced in inquiry into deadly Iran school strike

An analyst's missed remarks and U.S. intelligence systems that weren’t connected to one another are among the missteps ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...