Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, ...
Agentic coding tools vulnerable to command execution via DNS records ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Learn how malicious AI agent skills easily bypass static scanners. Discover how runtime checking secures tools like Claude ...
SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
Anthropic’s AI coding agent silently encoded proxy hostnames and Chinese timezone data into invisible Unicode characters ...
SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...
SearchLeak and a three-CVE LiteLLM chain broke the same AI trust boundary in two weeks. A 5-check audit maps each gap to a ...
EXCLUSIVE Pentera Labs’ red teamers compromised a developer’s AI agent via his Claude Desktop app and ultimately turned that access into full remote code execution on the devs ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results