SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
CoinDesk

SBI's $289 million Bitbank deal is symptomatic of Japan's crypto consolidation: Architect Partners

The investment bank said the purchase of Japanese crypto exchange Bitbank is a bet on regulated scale as sweeping reforms ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Decrypt

Leaked Code Suggests Anthropic Is Preparing to Bring Fable 5 Back

A leaker found new strings inside Claude Code that hint at weekly Fable 5 usage built into subscription plans, not sold separately as before.
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
InfoWorld

Using Visual Studio Code’s ‘air-gapped’ AI model mode

VS Code can use LLM models other than GitHub Copilot’s built-in providers for AI-assisted development, including local and ...