SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
itechify

Best AI Assistant Android: I Tested ChatGPT, Claude & Copilot

I spent the last month replacing Google Gemini with every major AI assistant available on Android. After running ChatGPT, Claude, and Microsoft Copilot through dozens of daily tasks, only one proved ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
IEEE

CID4IoT: IoT-Oriented Command Injection Vulnerability Detection Based on Critical Code Extraction and LLM Analysis

Abstract: The Internet of Things (IoT) devices have brought invaluable convenience to our daily lives. However, they also introduce significant security challenges. Common vulnerabilities in numerous ...
GitHub

why use many token when few do trick

A Claude Code skill/plugin (also Codex, Gemini, Cursor, Windsurf, Cline, Copilot, 30+ more) that makes agent talk like caveman — cuts ~75% of output tokens, keeps full technical accuracy. Brain still ...
Entrepreneur

The Man Behind Anthropic’s Claude Code Hasn’t Written a Line of Code in 8 Months — Here’s What He Does Instead

Boris Cherny is the creator of Anthropic’s Claude Code tool, which writes code on behalf of developers based on a text prompt. Cherny hasn’t handwritten code in eight months; instead, he manages ...
New York Post

Baby treated for rare epilepsy syndrome after doctors inject missing gene directly into his brain

An eight-month-old infant with rare but severe epilepsy has received an experimental gene replacement in a historic medical moment. The child was one of the first in the world to be treated with gene ...
Android

The Notification Trap: How a Text on WhatsApp Could Have Controlled Your Phone's AI

Security firm SafeBreach discovered a significant prompt injection flaw in Android’s Google Gemini that allowed malicious notifications from apps like WhatsApp or Slack to hijack the assistant. By ...
decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Add Decrypt as your preferred source to see more of our stories on Google. Microsoft researchers found that Anthropic's Claude Code GitHub Action could be manipulated through prompt injection attacks.
Microsoft

Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence discovered that Anthropic’s Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted GitHub content, including issue bodies, pull ...
VentureBeat

Anthropic says 80% of its new production code is now authored by Claude — how your enterprise can keep up

Credit: VentureBeat made with OpenAI ChatGPT-Images-2.0 Anthropic co-founder and CEO Dario Amodei said it was coming, but it still feels like a milestone: More than 80% of the code merged into ...