Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of ...
Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot ...