AI Now’s Friendly Fire PoC shows Claude Code and Codex running README-planted payloads on hosts when autonomous command ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results