{"data":{"id":"4259a254-f6b6-438b-8ff7-e0d765c466be","title":"Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines","summary":"Researchers discovered a new attack where hackers can take over developer machines by hiding malicious instructions in seemingly normal code repositories that Claude Code (an AI coding agent) executes. The attack works by triggering an error during setup that Claude Code tries to fix, which causes it to run a shell script that fetches and executes commands from a DNS TXT record (the system that translates website names into IP addresses), giving attackers an interactive shell on the developer's computer and access to their credentials and secrets.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://www.securityweek.com/new-attack-abuses-claude-code-and-harmless-looking-repositories-to-hijack-developer-machines/","publishedAt":"2026-06-29T14:28:40.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Claude","Claude Code","Mozilla"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-29T14:28:40.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}