SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Cult of Mac

Hack to skip the Siri AI waitlist no longer works — but there may be another way

The hack that some Mac users were using to try out the new Siri AI, skipping the waitlist, no longer works. Apple released the second developer beta of all its OS 27 updates yesterday. In macOS 27 ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI is changing the security landscape. More and more threat groups incorporate LLMs into their reconnaissance and exploitation workflows. The notion that some vulnerabilities are too complex to ...