The Next Web

A single GitHub issue could have hijacked Anthropic’s own Claude Code action and poisoned every project that uses it

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.

Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged

Anthropic, OpenAI, Google, and Meta published prompt injection disclosures in 2026 — but no two measure the same thing. What ...