The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

SafePrompt Launches Prompt Injection Protection API for AI Developers

Developer-first security tool blocks AI manipulation attacks in under 100 milliseconds with a single API call Our goal ...
Communications of the ACM

Safe Coding

Safe coding is a collection of software design practices and patterns that allow for cost-effectively achieving a high degree ...
CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...

Shanon : New Open Source AI Pentester Powered By Claude Code

Shanon is an open source AI pentester built on the Claude SDK; runs cost about $60 in API credits, with CI/CD support; ...
9to5Google

Google details MCP-like ‘AppFunctions’ that let Gemini use Android apps

Following the Gemini automation announcement today, Google is detailing how all this works under the hood on Android.
GitHub

GitHub - anthropics/claude-code-action

A general-purpose Claude Code action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.