Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, creating a new software supply ...
Makers of AI browsers make lofty promises. With a single prompt, users can ask one to find a restaurant in a particular part ...
LayerX found that BioShocking could trick AI browsers into leaking credentials by disguising malicious prompts as game rules.
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, and credential risk.