Copilot-Cli | GRID THE GREY

LIVE THREATS

HIGH Claude Mythos AI-Assisted Fuzzing Uncovers 423 Firefox Security Bugs in One Month // HIGH Fake Claude AI Site Used to Distribute Beagle Backdoor and PlugX Malware // HIGH Malicious Repos Trigger Silent Code Execution in Claude, Cursor, Gemini CLIs // HIGH Mitiga Labs: MCP Hijack Attack Steals Claude Code OAuth Tokens via Silent … // HIGH Pixel-Level Perturbations Enable Invisible Prompt Injection in Vision-Language Models // CRITICAL Prompt Injection Achieves Remote Code Execution in Semantic Kernel Agent Framework // HIGH Unmanaged AI Agents Expose Enterprise Identity Perimeters to Silent Compromise // CRITICAL Bleeding Llama Flaw Exposes 300,000 Ollama Servers to Unauthenticated Data Theft // MEDIUM CrowdStrike Researcher Details AI Jailbreaking and Data Poisoning Techniques // HIGH Mass Scan Reveals Widespread Authentication Failures Across Exposed AI Infrastructure //

1 report

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

Malicious Repos Trigger Silent Code Execution in Claude, Cursor, Gemini CLIs

ATLAS OWASP HIGH Dark Reading May 08, 2026 ▲ 8.5

Malicious Repos Trigger Silent Code Execution in Claude, Cursor, Gemini CLIs

A vulnerability class dubbed 'TrustFall' demonstrates that malicious code repositories can trigger arbitrary code execution in AI-assisted developer tools including Claude Code, Cursor CLI, Gemini …

AML.T0051 - LLM Prompt Injection AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service