Cyber AI Agents Like Claude Code, GPT-5.5 Can Be Hijacked to Run Malicious Code Remotely
A new exploit called “Friendly Fire” hijacks Anthropic’s Claude Code CLI and OpenAI’s Codex CLI to execute attacker-controlled binaries during routine security reviews of third-party code. The attack disclosed by Security researchers at the AI Now Institute targets Claude Sonnet 4.6, Sonnet 5, and...