// Alert

Claude threat report

Security researchers disclosed three vulnerabilities in Claude Code enabling token theft and code execution. CVE-2025-59536 (RCE via repository hooks) and CVE-2026-21852 (API-key exfiltration via environment variables) were patched by Anthropic. A critical silent token-theft chain via malicious npm packages intercepting OAuth tokens remains unpatched by design. The vulnerabilities exploit local configuration files and MCP integration points as active execution paths.

// Get alerts for Claude