Claude Code Flaws Exposed Developer Devices to Silent Hacking - SecurityWeek
Multiple vulnerabilities in Anthropic's Claude Code, primarily exploited via malicious configuration files, allowed silent arbitrary command execution on developer machines. The flaws also made it possible to bypass consent for external actions and to exfiltrate API keys by redirecting traffic, potentially compromising shared team resources.