Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
A new technical paper, Agentic Hardware Design as Repository-Level Code Evolution, was published by researchers at Nvidia ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
Sourcegraph, the code intelligence platform that helps enterprise engineering teams understand, oversee, and evolve their codebases, announced public beta availability of Agentic ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, and credential risk.
LayerX found that BioShocking could trick AI browsers into leaking credentials by disguising malicious prompts as game rules.
Godot has updated its contribution policy and "take[n] steps" to reduce "demoralizing" AI contributions. In a frank statement posted on its website, the Godot Foundation talked candidly about the ...
Robot skill library ASPIRE — released June 29 by NVIDIA and collaborators — gives robots persistent memory by storing every debugging fix as a named, reusable code pattern. It pushed bimanual handover ...
Malicious apps got into the Arch User Repository - how to protect yourself ...