Claude Code is a tool tracked across 50 threat clusters and 141 intelligence report mentions on ThreatCluster. First observed October 24, 2025; most recent activity July 16, 2026.
Chinese-linked threat actors have integrated Anthropic's Claude Code and DeepSeek-v4-pro into a cyber espionage campaign targeting government entities and financial organizations in Taiwan. The operation utilizes…
Anthropic has accused Alibaba of conducting the largest known distillation attack on its Claude AI model. In a letter to US Senators, Anthropic detailed that operators linked to Alibaba executed nearly 29 million…
Zoom has patched a critical vulnerability (CVE-2026-53412) in its Windows desktop client and VDI software that could allow unauthenticated attackers to take over user accounts via network access. The flaw, rated 9.8 out…
A study by security startup Tenzai revealed that popular vibe coding platforms produce insecure code, including critical vulnerabilities, when responding to common programming prompts. The assessment, conducted in…
A critical supply chain vulnerability in Claude Code’s GitHub Actions, identified by security researcher Ryota K from GMO Flat Security, allows attackers to compromise any repository using Anthropic’s CI/CD workflow.…
A critical remote code execution vulnerability, tracked as CVE-2026-3854, was discovered in GitHub's internal git infrastructure, allowing authenticated users to execute arbitrary commands via a crafted git push…
Anthropic's AI tool, Claude Code, was found to contain hidden tracking mechanisms targeting Chinese users, raising significant privacy concerns. The covert detection logic, embedded since April 2, 2026, identified users…
Anthropic's Claude Code AI platform has been found to have a critical network sandbox bypass vulnerability, allowing attackers to exfiltrate sensitive data, including user credentials and source code. Discovered by…
Microsoft and Salesforce have patched serious prompt injection vulnerabilities in their AI platforms, Copilot Studio and Agentforce, respectively. Capsule Security identified these flaws, allowing attackers to…
Researcher Hung Nguyen from Calif used Anthropic’s Claude Code AI to identify zero-day remote code execution (RCE) vulnerabilities in Vim and GNU Emacs. The vulnerabilities allow arbitrary command execution simply by…