The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...
Infosecurity Magazine

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution ...
Security Boulevard

Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX

LayerX researchers uncover a flaw in Anthropic's Claude Desktop Extensions that could lead to a RCE vulnerability if exploited by a threat actor. The report adds to the growing list of AI security ...
ZDNet

Claude Code makes it easy to trigger a code check now with this simple command

Automated security reviews in Claude Code help ensure code safety. Spot and fix vulnerabilities before your code reaches production. Run the /security-review command in the terminal or via GitHub ...