SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
thecooldown

Giant python swallows 3 ducks behind farmer's house, then gets hauled back to the Sundarbans

A giant python that swallowed three ducks behind a farmer's house in a village next to the Sundarbans mangrove forest in Bagerhat, Bangladesh, ended up on a one-way trip back to the wild after ...

New macOS ClickFix attack silently mounts DMGs to push infostealer

A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from ...