Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Researchers found a way to trick AI coding assistants like Claude into running malware hidden in GitHub repositories. Here's ...
Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal ...
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results