Anthropic fixed the flaws - but the AI-enabled attack surfaces remain
theregister.co.uk
Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API keys by injecting malicious configurations into repositories, and then waiting for a developer to clone and open an untrustworthy project.
Check Point Software researchers found and reported all three flaws to Anthropic, which issued fixes for all and CVEs for two. Still, the bug hunters say, the issues illustrate a worrisome supply chain threat as enterprises incorporate AI coding tools like Claude into their development processes and essentially turn configuration files into a new attack surface.
"The ability to execute arbitrary commands through repository-controlled configuration files created severe supply chain risks, where a single malicious commit could compromise any developer working with the affected repository," Check Point researchers Aviv Donenfeld and Oded Vanunu said in a Wednesday report.
Anthropic, the AI company that developed Claude Code, did not respond to The ...
Copyright of this story solely belongs to theregister.co.uk.

