cd /news/ai-safety/friendly-fire-ai-code-reviewers-hija… · home topics ai-safety article
[ARTICLE · art-57951] src=byteiota.com ↗ pub= topic=ai-safety verified=true sentiment=↓ negative

Friendly Fire: AI Code Reviewers Hijacked to Run Malware

Researchers at the AI Now Institute demonstrated on July 8 that AI code review tools Claude Code and Codex can be tricked into executing malware when auditing untrusted libraries, using a weaponized copy of the geopy library. The proof-of-concept shows that AI defenders can become attack vectors, with no vendor patch or response yet available.

read1 min views1 publishedJul 13, 2026

The tool you deployed to catch malicious code just ran it instead. On July 8, the AI Now Institute published “Friendly Fire” — a proof-of-concept showing that Claude Code and Codex, when tasked with auditing an untrusted library, can be tricked into executing attacker-controlled binaries on your machine. No CVE. No patch. No vendor response. The name is fitting: your AI defender becomes the attack path. How It Works Researcher Boyan Milanov constructed a weaponized copy of geopy, a widely used Python geocoding library. Embedded in it were four components designed to fool an AI agent conducting a security review: […]

The post

── more in #ai-safety 4 stories · sorted by recency
── more on @ai now institute 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/friendly-fire-ai-cod…] indexed:0 read:1min 2026-07-13 ·