Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

CISA warns of max severity Ubiquiti flaws exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity ...
The White House

SECURING THE NATION AGAINST ADVANCED CRYPTOGRAPHIC ATTACKS

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered: Section 1.  Background ...
GhanaWeb - Ghana HomePage

AI Coding Tools Can Be Tricked Into Running Malware: What Ghanaian Developers Need to Know

Researchers found a way to trick AI coding assistants like Claude into running malware hidden in GitHub repositories. Here's ...