digitaltoday.co.kr

Research/Low evidence

AI coding tool could accelerate supply chain security threats

A vulnerability in the AI coding tool Claude Code could lead to supply chain attacks by allowing hidden malware from GitHub repositories to run with administrator privileges. Researchers warn that risks increase when using Claude Code in continuous integration and continuous deployment pipelines, as attackers could gain remote control over developers' devices.