'Agentic coding tools have access to everything they need for this': Security experts warn Claude Code can be…

  • Claude Code ran the dangerous command while treating it as routine recovery
  • A single fake error message triggered the entire hidden attack chain
  • Static scanners and firewalls saw nothing more than normal DNS resolution

Researchers at Mozilla's 0din team have shown how Claude Code can be manipulated into opening a hidden reverse shell on a developer's device.

The exploit required no malicious code inside the cloned project, since every visible file passed ordinary review without raising suspicion.

Instead, the dangerous instruction arrived later, fetched at runtime from a DNS text record that no scanner would ever inspect.

How a Routine Setup Error Became an Entry Point

The attack began with an unremarkable Markdown file explaining how to install a package called Axiom, a common monitoring tool.

Running the tool without initialising it produced a plain error message instructing the user to execute a specific setup command.

The research team noted...

Copyright of this story solely belongs to techradar.com.
