The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
CSOonline

Hacker inserts destructive code in Amazon Q tool as update goes live

A hacker managed to insert destructive system commands into Amazon’s Visual Studio Code extension used for accessing its AI-powered coding assistant, Q, which was later distributed to users through an ...
TechSpot

Amazon's AI coding assistant exposed nearly 1 million users to potential system wipe

A hot potato: Earlier this month, a hacker compromised Amazon's generative AI coding assistant, Amazon Q, which is widely used through its Visual Studio Code extension. The breach wasn't just a ...

Hackers expose Discord age verification system issue after Persona frontend code left wide open

Hackers have revealed that parts of Discord's new age verification system were effectively exposed to the public after the frontend code for third-party vendor Persona was left accessible on the open ...