SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Bleeping Computer

Klue OAuth breach victim list grows as Icarus hackers claim attack

ReliaQuest observed attackers generating OAuth tokens and using Python scripts to query Salesforce's API for extended periods, as data was stolen. Huntress later disclosed that its own Salesforce ...

The Steam Workshop Is Being Used To Spread Malware To Thousands Of Users

Steam is one of the most popular storefronts in PC gaming, but it turns out that the Steam Workshop might presently be ...