An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.