@GMO Flatt Security

mentions 2 type Person feed RSS

16:57

2026-06-04

letsdatascience.com

ai-safety

Claude Code Flaw Exposes Repositories to Compromise

Security researchers at Flatt.tech disclosed a critical supply-chain vulnerability in Anthropic's Claude Code GitHub Actions integration that a single malicious GitHub issue, pull request, or comment …

16:44

2026-06-04

thenextweb.com

ai-safety

A single GitHub issue could have hijacked Anthropic’s own Claude Code action and poisoned every project that uses it

A flaw in Anthropic's Claude Code GitHub Action allowed attackers to bypass permission checks via a fake bot account and use prompt injection to steal OIDC tokens, gaining write access to any vulnerab…

// co-occurs with top 8 entities

Anthropic 2 Claude Code 2 Flatt.tech 1 Tenable 1 The Hacker News 1 SecurityWeek 1 GBHackers 1 GitHub 1