SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
CNET

Chrome Has Been Secretly Downloading AI to Your Computer. Here's What You Can Do

Chrome has been automatically downloading Gemini Nano (a 4GB AI model) to users' computers without notification or an easy way to prevent it. Alex Valdes from Bellevue, Washington has been pumping ...