Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Anthropic has rolled back Claude Code's controversial user-tracking feature after reports it monitored potential links to ...
Anthropic quickly removed a tracker secretly monitoring Claude Code users in China after a security researcher exposed the ...
Security researchers claim to have uncovered three security vulnerabilities in Claude Code, Anthropic’s command-line AI tool. These flaws could have allowed attackers to execute code remotely on a ...
Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
Alibaba has ordered all its employees to uninstall all Anthropic products from their machines after determining through an ...
A developer reverse-engineering Anthropic's Claude Code binary discovered on June 30, 2026, that the tool had been silently encoding hidden signals into its AI system prompts for at least three months ...
Claude Sonnet 5 offers lower API rates and better performance, but its new tokenizer can increase token usage and narrow the ...
Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data. Developers searching for Claude Code installation instructions ...
Subagents run in their own isolated context window and return only a result to your main session — the intermediate work ...