BTC
ETH
HTX
SOL
BNB
ดูตลาด
简中
繁中
English
日本語
한국어
ภาษาไทย
Tiếng Việt

Claude Code exposed to high-security risk: Malicious configuration files could silently execute commands

2026-07-18 02:12

Odaily Odaily News: SlowMist founder cos shared a post on X platform about the potential poisoning attack risk of Claude Code and published a detailed analysis of the poisoning attack against Grok Build CLI and Claude Code CLI. The analysis points out that the security mechanisms of Grok Build CLI are not unified, with different code paths having different trust assumptions, and the gaps between them become channels for attackers.

Attackers may use malicious project configuration files to execute arbitrary commands without the user's knowledge, thereby stealing API keys, cloud credentials, or gaining control over local devices. Researchers constructed a test environment and found that on Mac systems, if Claude Code is affected, executing a specific test command could trigger the launch of the local calculator, proving the existence of a potential command execution risk. If the attack is successful, attackers could further steal API Keys from AI services like Claude and OpenAI, causing account fee losses; obtain credentials for cloud services such as AWS, Alibaba Cloud, and Tencent Cloud to access servers and data; tamper with code repositories to implant backdoors; and use the local device as a springboard to attack the enterprise's internal network. It is reported that the relevant vulnerability has existed for one year.

ค้นหา
ดาวน์โหลดแอพ Odaily พลาเน็ตเดลี่
ให้คนบางกลุ่มเข้าใจ Web3.0 ก่อน
IOS
Android