TechJuice

Researchers Claim Malicious Repositories Turn Claude Code Into an Ideal Hacker’s Tool

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Dark Reading

Meta AI Models Cracked Open With Exposed API Tokens

Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model (LLM) repositories, in a troubling demonstration of the supply chain risks ...
SiliconANGLE

Fortinet identifies thousands of malicious software packages exploiting open-source repositories

A new report out today from Fortinet Inc.’s FortiGuard Labs highlights a growing wave of malicious software packages exploiting system vulnerabilities. Based on data collected since November 2024, the ...