SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
GitHub

A simple Gmail API client in Python for applications.

The only setup required is to download an OAuth 2.0 Client ID file from Google that will authorize your application. This can be done at: https://console.developers ...