SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack ...

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Developer Tech

Mozilla shows Claude Code malware risk in clean GitHub repo

Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

How ChatGPT Actually Picks Sources (I Read The Network Traffic, Not The Outputs)

This study from Suganthan reveals hidden fields in ChatGPT's network traffic that decide which sources get fetched, cited, or ...