SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
InfoWorld

Using Visual Studio Code’s ‘air-gapped’ AI model mode

VS Code can use LLM models other than GitHub Copilot’s built-in providers for AI-assisted development, including local and ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
XDA Developers on MSN

My local LLM is helping me use Claude more effectively, and it's the perfect one-two punch for my workflow

I stopped throwing everything at Claude Code ...
Military.com

DOD Officially Drops 180 Faiths From Military's Recognized Religion List

The seal is seen on a podium at the Pentagon, Wednesday, Dec. 10, 2025, in Washington, before Defense Secretary Pete Hegseth speaks. (AP Photo/Mark Schiefelbein) Military.com has learned that the ...