LIVE FEED
OpenAI Codex CLI Credentials Hijacked via Malicious Package

OpenAI Codex CLI Credentials Hijacked via Malicious Package

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.5 Simon Willison

A new Python package, llm-openai-via-codex 0.1a0, explicitly 'hijacks' Codex CLI credentials to route API calls through an unofficial OpenAI endpoint, bypassing standard API billing and access controls. This represents a credential misuse pattern that could expose organisations to unauthorised API access and quota theft. The technique exploits an undocumented or semi-official API surface, raising supply chain and access control concerns for enterprise OpenAI deployments.

Claude Code Source Leak Exposes 512K Lines of Code

Claude Code Source Leak Exposes 512K Lines of Code

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 HN AI Security

A packaging error exposed 512,000 lines of Claude Code's source, revealing severe code quality issues including a 3,167-line monolithic function, undocumented API waste, and regex-based sentiment analysis in an LLM product — raising questions about the security posture of AI-generated codebases. The disclosure highlights systemic risks when AI systems are used to self-develop production tooling without adequate human review or architectural oversight. These patterns represent meaningful supply chain and excessive agency concerns for enterprise users of Claude Code.

botctl Process Manager Enables Prompt Injection Attacks

botctl Process Manager Enables Prompt Injection Attacks

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 HN AI Security

botctl is an open-source process manager that enables persistent, autonomous AI agents (currently Claude-backed) to run continuously as background daemons with tool access, file system write permissions, and internet connectivity. While marketed as a productivity tool, the architecture introduces substantial attack surface through unattended agentic execution, a skills marketplace with third-party prompt injection, and a locally-exposed web dashboard. The combination of persistent autonomy, extensible skill modules from arbitrary GitHub repositories, and session memory creates compounding risk vectors relevant to agentic AI security.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.