The Next Web

A single GitHub issue could have hijacked Anthropic’s own Claude Code action and poisoned ...

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.
Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...
iHLS Israel Homeland Security

Researchers Found a Prompt Injection Flaw in Claude Code

AI-powered coding assistants are increasingly being integrated into software development pipelines, helping developers review ...