SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Developer Tech

Mozilla shows Claude Code malware risk in clean GitHub repo

Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
SecurityWeek

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...
Tech Times

Open-Source Coding Model Ornith-1.0 Writes Its Own Training Scaffold in Reinforcement Learning

Open-source agentic coding model Ornith-1.0, released today under the MIT license, uses a self-improving reinforcement ...
InfoQ

Microsoft Brings AI-Powered Vulnerability Remediation to Azure DevOps with Copilot Autofix

Microsoft has announced the limited public preview of Copilot Autofix for GitHub Advanced Security for Azure DevOps, ...

SimpleHelp Flaw Exploited to Deploy Malware Targeting Windows, macOS, and Linux

A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
winbuzzer.com

GLM-5.2 Tops Claude Code in Semgrep IDOR Benchmark

GLM-5.2, Z.ai’s open-weight model, has reached 39% F1 on Semgrep’s IDOR benchmark, beating Anthropic’s Claude Code coding assistant in the prompt-only lane. Claude Code scored 37% F1 with Opus 4.6 and ...