Claude Code runs a GitHub repo's hidden malware without verification, giving attackers full control

Security researchers at Mozilla's 0DIN platform demonstrated that a compromised GitHub repository can infect a developer's machine when an AI coding tool like Claude Code executes its setup, with malicious code loading at runtime via a DNS query to evade detection.

Security researchers at Mozilla's 0DIN platform have shown how a single compromised GitHub repo can take over a developer's machine the moment an AI coding tool like Claude Code runs its setup. The catch: the malicious code only loads at runtime via a DNS query, invisible in the repo, to scanners, and to the AI agent itself. The article Claude Code runs a GitHub repo's hidden malware without verification, giving attackers full control https://the-decoder.com/claude-code-runs-a-github-repos-hidden-malware-without-verification-giving-attackers-full-control/ appeared first on The Decoder https://the-decoder.com .