SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack ...

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Terra Planet Earth on MSN

Nature created these animal patterns and they look almost too perfect to believe

Nature Created These Animal Patterns and They Look Almost Too Perfect to Believe ...

Animals with Nature’s Most Perfect Geometric Patterns

Some animals carry patterns so precise and mathematically exact that scientists struggle to explain how nature produced them ...
Developer Tech

Mozilla shows Claude Code malware risk in clean GitHub repo

Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

A lizard and snake safari 15 minutes from my city home

I had come here on an excursion with Bangkok Herping, a new walking-tour outfit that swaps the Thai capital city’s ...

新型 Claude Code 攻击可让攻击者完全控制开发者系统

根据 OWASP 基金会定义,提示注入被列为 LLM01:2025,是 AI 应用中最关键的安全漏洞。这项最新研究揭示了其危害性——它不仅是聊天机器人的小问题,而是能导致系统完全沦陷的攻击机制。 Mozilla 零日调查网络(0DIN)的研究人员展示了一种概念验证(PoC)攻击,表明看似完全无害的 GitHub 仓库可以欺骗 Claude Code 等 AI 编程 Agent,在开发者机器上悄无声 ...

ClawHub Skills 暴露 AI Agents 面临远程控制后门与数据窃取攻击风险

现代AI Agents已超越简单的问答功能,能够代表用户执行操作、管理文件及运行代码。这种能力跃迁同时开启了危险的新攻击维度——针对ClawHub市场的恶意skills已暴露出AI Agent生态系统的严重脆弱性。作为2026年增长最快的开源AI Agent平台OpenClaw的官方技能市场,ClawHub的skills数量从1月的不足2000个激增至4月的5万余个,这种爆炸式增长在吸引数百万用户 ...
Reuters

Shell PLC

No Brent crude oil cargoes set to load in August, a first for global price benchmark No cargoes of North Sea Brent crude oil are scheduled to load in August as ‌production steadily declines, traders ...