SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
来自MSN

OpenAI acquires Astral, the Python startup whose tools run on millions of developer machines

OpenAI is acquiring Astral, the startup whose tools quietly run inside the workflows of millions of Python developers. The deal drops Astral's team into the Codex group, and the timing is not subtle: ...