Wiz says GhostApproval abuses symlinks so AI coding agents write to SSH keys or shell startup files while showing benign ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
China said specific versions of Claude Code posed back-door vulnerabilities that could send sensitive information to a remote ...
Six major AI coding assistants have been found to share a flaw that turns their approval prompts into a rubber stamp, letting a malicious repository write to sensitive files on a developer's machine ...