SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Nature

In-sensor spectral decoding for efficient spectroscopic recognition

Conventional spectrometers rely on optical encoding and computational decoding to resolve spectral information. Although computational spectrometers merge spectral encoding with photodetection, the ...
GitHub

Midscene Python

midscene-python/ ├── midscene/ # Core framework │ ├── core/ # Core framework │ │ ├── agent/ # Agent system │ │ ├── insight/ # AI inference engine │ │ ├── ai_model/ # AI model integration │ │ ├── yaml ...
GitHub

Lighter web automation with Python

To get started with Helium, you need Python 3 and Chrome or Firefox. I would recommend creating a virtual environment. This lets you install Helium for just your current project, instead of globally ...