Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker’s code on your own machine instead.

That is the finding in a proof-of-concept published Wednesday by the AI Now Institute, an attack it calls “Friendly Fire.” It works against Anthropic’s Claude Code and OpenAI’s Codex when either is running in an autonomous mode that approves its own

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

Next Post

Meta’s New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images

Related Posts
Total
0
Share