The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...
Cybernews

AI assistant runs hacker’s commands just from opening a project: critical vulnerability found in Claude Code

Claude Code would execute hidden code from untrusted projects before any user confirmation, Check Point reports.
SecurityWeek

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Vulnerabilities in Anthropic’s Claude Code tool could have allowed attackers to silently gain control of a developer’s ...

Security experts flag multiple issues in Claude Code, warning

An AI assistant can quickly turn into a malicious insider, so be careful with permissions.
WinBuzzer

Anthropic Bans Claude Subscription OAuth in Third-Party Apps

Anthropic has officially banned using Claude subscription OAuth in third-party tools, forcing developers to switch to API ...
GovInfoSecurity

Malicious Repo Files Could Hijack Claude Code Sessions

Check Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands and steal API keys through repository ...

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...

Cloudflare experiment ports most of Next.js API 'in one week' with AI

Uses Vite and Claude to sidestep Vercel lock-in A Cloudflare engineer says he has implemented 94 percent of the Next.js API by directing Anthropic's Claude, spending about $1,100 on tokens.… The ...

Sixteen Claude AI agents working together created a new C compiler

Amid a push toward AI agents, with both Anthropic and OpenAI shipping multi-agent tools this week, Anthropic is more than ...