SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
ADTmag

Spring Tools 5.2.0 Adds Experimental Claude Code Plugin and Spring AI Support

The release includes an embedded MCP server that exposes Spring project analytics to AI coding assistants, along with first-class support for Spring AI and automated property refactoring.
Tech Times

Karpathy CLAUDE.md Grows to Ten Rules: New Self-Check Protocol for AI Coding Loops

Karpathy CLAUDE.md ten rules: a document attributed to Andrej Karpathy began circulating Friday, adding six agent self-check ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

How People in China Keep Outsmarting Anthropic’s Geolocation Restrictions

As Anthropic tightens restrictions on access to Claude in China, users keep finding new workarounds, from proxy services to fake identities sourced on Telegram.

Anthropic’s Claude is winning over paid consumers, a market owned by ChatGPT

Despite ChatGPT's commanding market lead, consumers who pay for AI have been increasingly choosing Anthropic's Claude, data ...

RGA Investment Advisors Q1 2026 Investment Commentary

RGA Investment Advisors details how AI is transforming its investment process and highlights AWS as a key beneficiary. Read ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.