claude

How Developers Used Claude Code to Stop a Live DDoS Attack

BridgeMind’s API was targeted by a large-scale Distributed Denial of Service (DDoS) attack, which flooded it with millions of requests and caused service disruption. The team used Claude Code, an AI-based tool, to quickly analyze traffic and update AWS firewall rules to block the attack, then transitioned to Cloudflare’s edge protection and Pro Plan for more effective, cost-efficient long-term defense. This incident highlighted both the advantages of AI in detecting cyber threats and the evolving sophistication of attacks, underscoring the need for proactive, scalable cybersecurity strategies.

https://www.geeky-gadgets.com/claude-code-stops-ddos-attack/

Critical Anthropic’s MCP Vulnerability Enables Remote Code Execution Attacks

A critical architectural vulnerability in Anthropic’s Model Context Protocol (MCP) SDK exposes over 150 million downloads to remote code execution (RCE) attacks, potentially compromising up to 200,000 servers. Identified by OX Security, the flaw enables attackers to take full control of affected environments, gaining access to sensitive data and internal systems; despite recommendations, Anthropic has not applied a protocol-level fix, leaving several projects vulnerable.

https://cybersecuritynews.com/anthropics-mcp-vulnerability/

Claude Code Found a Linux Vulnerability Hidden for 23 Years

Nicholas Carlini, a research scientist at Anthropic, used the AI tool Claude Code to discover multiple remotely exploitable security vulnerabilities in the Linux kernel, including a particularly significant bug in the NFS driver that had remained unnoticed for 23 years. This breakthrough highlights the remarkable capabilities of advanced language models to identify complex security flaws, potentially leading to a surge in vulnerability discoveries as such AI tools continue to improve.

https://mtlynch.io/claude-code-found-linux-vulnerability/

Anthropic Accidentally Exposes Claude Code Source Code

Anthropic accidentally exposed the entire source code of its AI coding tool, Claude Code, through an npm package that included a map file referring to unobfuscated TypeScript files in a publicly accessible archive. The leak, caused by human error in the release packaging process, allowed security researchers and others to download over 512,000 lines of code, although Anthropic confirmed no customer data was compromised and is implementing measures to prevent future incidents.

https://www.theregister.com/2026/03/31/anthropic_claude_code_source_code/

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Anthropic identified 22 vulnerabilities in Firefox using its AI model, Claude Opus 4.6. Among these, 14 are high severity, discovering a significant number of issues addressed in Firefox 148. The model's efficiency in finding issues, compared to creating exploits, raises security concerns, highlighting AI's role in enhancing browser security. Mozilla reported additional vulnerabilities found through this collaboration, showcasing the benefits of AI-assisted analysis for continuous improvement in security.

https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html

Hacker Used Anthropic’s Claude to Steal Sensitive Mexican Data

A hacker exploited Anthropic’s AI chatbot, Claude, to breach Mexican government agencies, stealing 150 gigabytes of sensitive data, including taxpayer and voter records. The hacker used Claude to identify vulnerabilities, write scripts, and automate data theft, bypassing Claude’s guardrails by posing as a bug bounty hunter. The attack highlights the growing trend of cybercriminals using AI tools to enhance their hacking capabilities.

https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data

Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files

Check Point Research identified critical vulnerabilities in Anthropic’s Claude Code enabling remote code execution and API key theft through malicious project configurations. Attackers can exploit Hooks and Model Context Protocol to execute unauthorized commands and intercept API communications. All discovered vulnerabilities have been remediated by Anthropic. Developers must carefully scrutinize project configurations to prevent configuration-based attacks, treating them with the same caution as executable code.

https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/

Anthropic Rolls Out Embedded Security Scanning for Claude

Anthropic introduces Claude Code Security, an AI tool for scanning codebases for vulnerabilities and suggesting patches. Initially available to select enterprise users after extensive testing, it aims to automate software security reviews. The tool improves vulnerability detection, with promises of faster discovery and reduced error rates, though experienced human oversight is still recommended for complex issues. Users must apply for access and agree to scan only their own code.

https://cyberscoop.com/anthropic-claude-code-security-automated-security-review/

Scroll to Top