SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Buckle Up: The Bad Guys Now Have A Model As Powerful As Mythos

China now has an open-weight model that can find software vulnerabilities and create attacks for anybody to use.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Communications of the ACMOpinion

Hidden Prompts in Manuscripts Exploit AI-Assisted Peer Review

Moving forward requires coordinated technical, policy, and educational responses. An outright ban on AI in peer review, as is ...
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...