SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
ADTmag

Spring Tools 5.2.0 Adds Experimental Claude Code Plugin and Spring AI Support

The release includes an embedded MCP server that exposes Spring project analytics to AI coding assistants, along with first-class support for Spring AI and automated property refactoring.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Computer Weekly

Secure Code Warrior CEO on surviving the AI ‘vulnerability apocalypse’

As enterprises embrace agentic AI and vibe coding, Secure Code Warrior CEO and co-founder Pieter Danhieux warns that ...