SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

New attack provides one more reason why AI browsers are a bad idea

Makers of AI browsers make lofty promises. With a single prompt, users can ask one to find a restaurant in a particular part ...

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
Dark Reading

Attackers Hijack Exposed AI Endpoints to Power Offensive Ops

Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.