Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker’s code on your own machine instead.

That is the finding in a proof-of-concept published Wednesday by the AI Now Institute, an attack it calls “Friendly Fire.” It works against Anthropic’s Claude Code and OpenAI’s Codex when either is running in an autonomous mode that approves its own

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers

236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using

Emacs 31 Is Around the Corner: The Changes I’m Daily Driving

Emacs 31 Is Around the Corner: The Changes I’m Daily Driving Source: Hacker News

Hacker News but for Independent Blogs

Hacker News but for Independent Blogs Source: Hacker News