SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
GitHub

pip install git+https://github.com/tatsy/torchmcubes.git --> error #48

× python setup.py bdist_wheel did not run successfully. │ exit code: 1 ╰─> [20 lines of output] running bdist_wheel running build running build_py creating build creating ...
GitHub

nrd-14d.adblock.txt

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
LinkedIn

Full-Stack Developer Roadmap for 2026

You get a SARIF file to upload to GitHub code scanning, a CycloneDX SBOM, and a self-contained HTML report for the humans. No agent, no cloud, no code leaving your runner. It even works fully offline.