A vulnerability class dubbed 'TrustFall' demonstrates that malicious code repositories can trigger arbitrary code execution in AI-assisted developer tools including Claude Code, Cursor CLI, Gemini …
Mitiga Labs has disclosed a stealthy attack chain targeting Claude Code's MCP infrastructure, allowing adversaries to silently intercept OAuth tokens by redirecting MCP traffic through …
Loopsy is an open-source tool enabling cross-machine communication between AI coding agents (Claude Code, Cursor, Codex) and mobile devices via a self-hosted Cloudflare Workers relay. While designed …
A researcher has disclosed a novel prompt injection attack technique dubbed 'Comment and Control,' demonstrating that popular AI coding agents — including Claude Code, Gemini CLI, and GitHub Copilot …
Gas Town, a developer tool with 14.2k GitHub stars, allegedly ships configuration files that autonomously consume users' LLM API credits and GitHub account permissions to perform work on the …