SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

U.S. analyst’s missed remark surfaced in inquiry into deadly Iran school strike

An analyst's missed remarks and U.S. intelligence systems that weren’t connected to one another are among the missteps ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Kaspersky says attackers are using fake WhatsApp document attachments to run VBScript malware and install ManageEngine RMM ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...