Stack layer / Threat pattern
Ghostcommit hides prompt injection in PNG files to make AI coding agents exfiltrate repo secrets
SecNews
Stack layer / Update thread
SLBench Finds Up to 70% Unsafe Execution When Codex and Claude Code Follow Logical Relations in Skill Files
arXiv
Stack layer / Threat pattern
GhostApproval: symlink flaw turns human-in-the-loop into a rubber stamp across 6 coding agents
Cyber Security News
Stack layer / Threat pattern
Friendly Fire: auto-approve coding agents run attacker code during security scans
SecurityWeek
Policy dependency / Stack layer
Codenotary ships AgentMon 3 for agent runtime policy and compliance logging
AI Agent Store
Stack layer / Update thread
Adopt a hybrid voice-coding loop: dictate intent to the agent, keep the keyboard for precise edits
Spokenly
Stack layer / Update thread
Anthropic Launches 'Reflect,' a Claude Usage Dashboard — TechCrunch Calls It a Quiet AI Sales Pitch
Anthropic
Policy dependency / Stack layer
First Recon AI ships AI Security Runtime GA — inline policy enforcement on every agent-to-agent and agent-to-tool call
Business Wire