SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

A fintech company said its employee burned through $80,000 in tokens making a 'brainrot shooter game'

Slash is encouraging people to play the game so it can write it off as a "marketing expense." ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
PC Magazine

Google's Gemini AI Can Do a Lot, But Here Are 15 Features You'll Actually Use

Each plan adds more capabilities, better performance, and greater access to use Gemini's features. The free version is geared toward basic tasks, such as answering questions, summarizing text, ...