// Alert

Claude threat report

Researchers analyzed over 1,000 attack sessions from a compromised server and documented how a low-skilled attacker used stolen Claude Code and OpenAI Codex instances to breach at least 14 companies. The attacker leveraged vague prompts to trigger automated reconnaissance, vulnerability discovery, custom exploit generation, and data exfiltration, with the AI agents providing most of the technical execution. The attack was discovered when the attacker inadvertently deployed the agents on a third-party server whose owner recovered the full session logs.

// Get alerts for Claude