Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Claude Sonnet 5 is the most agentic Sonnet model yet, rivaling Opus 4.8 in performance at lower prices, Anthropic said.
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The offices of Google are pictured in London on February 28, 2026. JUSTIN TALLIS/AFP via Getty Images Google released agents-cli on April 21, 2026, and it has shipped 13 updates in the 71 days since — ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Anthropic’s Claude models are now generally available in Microsoft Foundry, giving Azure developers and enterprise application teams another major frontier model option inside Microsoft’s cloud AI ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Anthropic's Claude family of AI models is now generally available in Microsoft Foundry on Azure, giving enterprise developers another frontier model they can deploy, manage and govern through ...
Princeton’s CEO-Bench gave 14 AI models $1 million to run a simulated SaaS startup for 500 days. Most went bankrupt or lost ...
Everything you need to know about how we analyzed the 13,000+ comments submitted in the federal government’s request for ...