

Claude Code Security Reviews Introduced for AI-Assisted Development

2 unique sources, 2 articles

Summary


Anthropic has introduced security review features in its Claude Code platform, designed to integrate security checks into AI-assisted development workflows. The new capabilities, now available in a limited research preview, automate the detection and remediation of common vulnerabilities in codebases, leveraging AI to enhance application security. These features are part of a broader trend toward embedding security directly into development tools and pipelines, addressing the challenges posed by AI-assisted coding and 'vibe coding.' The security review function allows developers to run ad hoc checks for vulnerabilities and implement fixes, with the option to integrate these checks into continuous integration/continuous deployment (CI/CD) pipelines. While the initial focus is on classic security issues like SQL injection and cross-site scripting, the tool is expected to evolve, though it is not intended to replace existing security measures. Security experts emphasize the need for a comprehensive approach to application security, combining AI-assisted tools with traditional methods and human oversight to ensure robust protection against emerging threats.

Timeline

  1. 22.08.2025 16:05 · 2 articles

    Claude Code Security Reviews Launched for AI-Assisted Development

    Anthropic has introduced security review features in its Claude Code platform, designed to automate the detection and remediation of common vulnerabilities in codebases. These features integrate security checks into AI-assisted development workflows, in line with the trend toward embedding security directly into development tools and pipelines. The initial capabilities focus on classic security issues, with plans to expand coverage over time. Security experts stress that AI-assisted tools should be combined with traditional security measures and human oversight. The feature is currently available in a limited research preview to Enterprise and Team customers. It goes beyond static analysis: rather than matching patterns, it reasons about the codebase the way a human security researcher would, tracing how components interact, and it assigns a severity rating and a confidence rating to each reported vulnerability.
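
    A pipeline gate of the kind the entry above describes, using the severity and confidence ratings to decide whether a build fails. This is an added example, not Anthropic's or Claude Code's own code; the findings schema it parses, the baseline of accepted findings, and the thresholds are assumptions made for illustration, and the sample report is constructed.

```python
"""CI gate over AI security-review findings.

Added example, not Anthropic's or Claude Code's own code. The findings
schema (a JSON object with a "findings" list of file/line/category/severity/
confidence/description entries) is an assumption made for illustration;
map your tool's actual output onto it. The policy is the part worth copying:
block the merge only on findings that are both severe and high-confidence,
report everything else as warnings for a human to triage, and honour a
reviewed baseline so an accepted finding does not fail every later run.
"""
import hashlib
import json
from dataclasses import dataclass

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass(frozen=True)
class Finding:
    file: str
    line: int
    category: str
    severity: str
    confidence: float
    description: str


def fingerprint(file: str, line: int, category: str, severity: str) -> str:
    # Stable key for the baseline. The free-text description is left out on
    # purpose: the model may re-word it between runs, but an accepted finding
    # should still match. Line-based keys break when code above the finding
    # moves; hash the flagged snippet instead if the tool emits one.
    key = f"{file}:{line}:{category}:{severity}"
    return hashlib.sha256(key.encode()).hexdigest()[:16]


def parse_findings(raw: str) -> list[Finding]:
    data = json.loads(raw)
    findings = []
    for item in data.get("findings", []):
        severity = str(item["severity"]).lower()
        if severity not in SEVERITY_RANK:
            raise ValueError(f"unknown severity {severity!r} in {item}")
        confidence = float(item["confidence"])
        if not 0.0 <= confidence <= 1.0:
            raise ValueError(f"confidence out of range in {item}")
        findings.append(Finding(item["file"], int(item["line"]), item["category"],
                                severity, confidence, item.get("description", "")))
    return findings


def gate(findings, baseline, fail_severity="high", min_confidence=0.7):
    """Split findings into (blocking, warnings, accepted)."""
    threshold = SEVERITY_RANK[fail_severity]
    blocking, warnings, accepted = [], [], []
    for f in findings:
        if fingerprint(f.file, f.line, f.category, f.severity) in baseline:
            accepted.append(f)
        elif SEVERITY_RANK[f.severity] >= threshold and f.confidence >= min_confidence:
            blocking.append(f)
        else:
            warnings.append(f)
    return blocking, warnings, accepted


def run(report_json: str, baseline: set[str]) -> int:
    """Print a summary and return the exit code a CI step would use."""
    blocking, warnings, accepted = gate(parse_findings(report_json), baseline)
    for f in blocking:
        print(f"BLOCK   {f.file}:{f.line} {f.category} ({f.severity}, {f.confidence:.2f}) {f.description}")
    for f in warnings:
        print(f"WARN    {f.file}:{f.line} {f.category} ({f.severity}, {f.confidence:.2f}) {f.description}")
    for f in accepted:
        print(f"ACCEPT  {f.file}:{f.line} {f.category} (baselined)")
    return 1 if blocking else 0


# Constructed sample report in the assumed schema (not real tool output).
SAMPLE_REPORT = json.dumps({"findings": [
    {"file": "app/db.py", "line": 42, "category": "sql-injection", "severity": "high",
     "confidence": 0.95, "description": "user input concatenated into query string"},
    {"file": "app/views.py", "line": 17, "category": "xss", "severity": "high",
     "confidence": 0.45, "description": "template variable may be rendered unescaped"},
    {"file": "app/config.py", "line": 3, "category": "hardcoded-secret", "severity": "medium",
     "confidence": 0.90, "description": "literal that looks like an API key"},
    {"file": "app/legacy.py", "line": 210, "category": "sql-injection", "severity": "critical",
     "confidence": 0.99, "description": "string-formatted query in legacy report"},
]})

# Baseline of findings a human already reviewed and accepted (constructed).
BASELINE = {fingerprint("app/legacy.py", 210, "sql-injection", "critical")}

if __name__ == "__main__":
    raise SystemExit(run(SAMPLE_REPORT, BASELINE))
```

    With the sample input the high-confidence SQL injection blocks the build, the low-confidence XSS and the medium-severity secret are reported as warnings, and the baselined legacy finding is shown but ignored. The low-confidence path matters in practice: an AI reviewer that fails every build on a 0.45-confidence finding trains developers to bypass the gate, so keep the blocking threshold strict and route the rest to review.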



Similar Happenings

Google Enhances Chrome Agentic AI Security Against Indirect Prompt Injection Attacks

Google is introducing new security measures to protect Chrome's agentic AI capabilities from indirect prompt injection attacks. These protections include a new AI model called the User Alignment Critic, expanded site isolation policies, additional user confirmation steps for sensitive actions, and a prompt injection detection classifier. The User Alignment Critic independently evaluates the agent's actions, ensuring they align with the user's goals. Google is also enforcing Agent Origin Sets to limit the agent's access to relevant data origins and has developed automated red-teaming systems to test defenses. The company has announced bounty payments for security researchers to further enhance the system's robustness.

State-Backed Hackers Abuse AI Models for Advanced Cyber Attacks

Google's Threat Intelligence Group (GTIG) has identified malware families that call large language models (LLMs) at run time to modify their own behaviour during execution. These families, including PromptFlux, PromptSteal, FruitShell, QuietVault, and PromptLock, use the technique to evade detection and maintain persistence. PromptFlux, an experimental VBScript dropper, queries Google's Gemini to generate obfuscated variants of itself and evade antivirus software; it attempts persistence through Startup folder entries and spreads via removable drives and mapped network shares. It is assessed to be still in development or testing and to be financially motivated. PromptSteal, a data miner written in Python, queries the Qwen2.5-Coder-32B-Instruct model to generate one-line Windows commands that collect system information and documents from specific folders and send them to a command-and-control (C2) server; it has been used by the Russian state-sponsored actor APT28 in attacks targeting Ukraine. State-backed actors from China (APT31, Temp.HEX), Iran (APT42), North Korea (UNC2970), and Russia have used Gemini across every stage of an attack, including reconnaissance, phishing lure creation, C2 development, and data exfiltration. Chinese actors used Gemini to automate vulnerability analysis and produce targeted testing plans against specific US-based targets, and APT42 used it for social engineering campaigns and to speed up the creation of tailored malicious tools. LLM-driven malware gives adversaries more versatile and adaptive threats and complicates detection. The underground market for AI-powered cybercrime tools is also growing, with offerings ranging from deepfake generation to malware development and vulnerability exploitation.

OpenAI's Aardvark agent for automated code vulnerability detection and patching

OpenAI has introduced Aardvark, an agentic security researcher powered by GPT-5. Aardvark is designed to automatically detect, assess, and patch security vulnerabilities in code repositories. The agent integrates into the software development pipeline to continuously monitor code changes and propose fixes. Aardvark has already identified at least 10 CVEs in open-source projects during its beta testing phase. The agent uses GPT-5's advanced reasoning capabilities and a sandboxed environment to validate and patch vulnerabilities. OpenAI envisions Aardvark as a tool to enhance security without hindering innovation.

Google's CodeMender AI Automatically Patches Vulnerabilities in Code

Google's DeepMind division has released CodeMender, an AI-powered agent that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. CodeMender is designed to be both reactive and proactive, fixing new vulnerabilities as soon as they are spotted and rewriting existing codebases to eliminate classes of vulnerabilities. The AI agent leverages Google's Gemini Deep Think models and a large language model (LLM)-based critique tool to debug, flag, and fix security vulnerabilities. Over the past six months, CodeMender has upstreamed 72 security fixes to open-source projects, including some with up to 4.5 million lines of code. Google also introduced an AI Vulnerability Reward Program (AI VRP) to incentivize reporting AI-related issues in its products, with rewards up to $30,000.

Cursor IDE autorun flaw allows malicious code execution

A vulnerability in the Cursor AI-powered Integrated Development Environment (IDE) lets a malicious repository execute tasks automatically the moment it is opened, which can be used to drop malware, hijack developer environments, or steal credentials and API tokens. Cursor ships with Visual Studio Code's (VS Code's) Workspace Trust feature disabled; with it enabled, VS Code refuses to run tasks from an untrusted folder without explicit consent. Because of this default, an attacker can trigger code execution simply by committing a malicious .vscode/tasks.json file to a publicly shared repository and waiting for a developer to open it. The flaw affects Cursor's one million users, who generate over a billion lines of code daily, and exposes them to supply-chain attacks: leaked credentials, modified files, or a foothold for broader system compromise. Cursor has decided not to fix the issue, citing AI and other features that depend on the autorun behaviour. Users are advised to enable Workspace Trust manually or to open unknown projects in a basic text editor.
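
A pre-open check for the tasks.json vector described above. This is an added example, not Cursor's or VS Code's own code; it relies on one documented VS Code mechanism, a task whose "runOptions" has "runOn": "folderOpen" is started when the folder is opened, and on the fact that VS Code parses tasks.json as JSON with comments and trailing commas. The sample tasks.json is constructed and its "payload" is a harmless echo.

```python
"""Flag VS Code/Cursor tasks that auto-run when a folder is opened.

Added example, not Cursor's or VS Code's own code. It relies on one
documented VS Code mechanism: a task in .vscode/tasks.json with
"runOptions": {"runOn": "folderOpen"} starts when the folder opens, and
Workspace Trust is what normally gates that for untrusted folders. Run it
over a fresh clone before opening it in an editor that does not prompt for
trust. The sample at the bottom is constructed; its payload is an echo.
"""
import json
import pathlib
import re

# VS Code reads tasks.json as JSON-with-comments and tolerates trailing
# commas, so a malicious file can hide behind syntax json.loads rejects.
_TOKEN = re.compile(r'("(?:\\.|[^"\\])*")|//[^\r\n]*|/\*.*?\*/', re.DOTALL)
_TRAILING_COMMA = re.compile(r",(\s*[}\]])")


def strip_jsonc(text: str) -> str:
    # Keep string literals (group 1) untouched, drop comments, then remove
    # trailing commas. The comma pass is textual, so a literal like "a, ]"
    # inside a string is the one case this simplification gets wrong.
    without_comments = _TOKEN.sub(lambda m: m.group(1) or "", text)
    return _TRAILING_COMMA.sub(r"\1", without_comments)


def autorun_tasks(tasks_json_text: str) -> list[dict]:
    """Return the tasks that would start on folder open, with their command line."""
    data = json.loads(strip_jsonc(tasks_json_text))
    hits = []
    for task in data.get("tasks", []):
        run_on = (task.get("runOptions") or {}).get("runOn")
        if run_on != "folderOpen":
            continue
        command = task.get("command", "")
        args = task.get("args", [])
        hits.append({
            "label": task.get("label"),
            "type": task.get("type"),
            "command": " ".join(str(part) for part in [command, *args]).strip(),
        })
    return hits


def scan_checkout(root: str) -> dict[str, list[dict]]:
    """Map each .vscode/tasks.json under root to its auto-run tasks.

    Tasks can also be declared in .code-workspace files and in per-OS
    blocks ("windows", "linux", "osx"); those are not covered here.
    """
    base = pathlib.Path(root)
    findings = {}
    for path in base.rglob("tasks.json"):
        if path.parent.name != ".vscode":
            continue
        try:
            hits = autorun_tasks(path.read_text(encoding="utf-8"))
        except (ValueError, OSError) as exc:
            # An unparseable tasks.json deserves a look too, so report it.
            hits = [{"label": None, "type": None, "command": f"<unparseable: {exc}>"}]
        if hits:
            findings[str(path.relative_to(base))] = hits
    return findings


# Constructed sample: a normal-looking build task plus a "setup" task that
# fires on open. Uses a JSONC comment and trailing commas like real files do.
SAMPLE_TASKS_JSON = """{
  // helper tasks for this project
  "version": "2.0.0",
  "tasks": [
    {
      "label": "build",
      "type": "shell",
      "command": "make",
    },
    {
      "label": "setup",
      "type": "shell",
      "command": "echo",
      "args": ["harmless stand-in for a payload"],
      "runOptions": { "runOn": "folderOpen" },
    },
  ],
}"""

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else None
    results = scan_checkout(target) if target else {".vscode/tasks.json": autorun_tasks(SAMPLE_TASKS_JSON)}
    for rel, hits in results.items():
        for hit in hits:
            print(f"{rel}: task {hit['label']!r} ({hit['type']}) runs on folder open: {hit['command']}")
    raise SystemExit(1 if results else 0)
```

Run it as `python check_tasks.py path/to/clone` (script name assumed) before opening the clone; with no argument it scans the constructed sample and reports the "setup" task. The check is a stopgap for editors that skip the trust prompt, not a substitute for it: a task that runs on open is only one of several ways a workspace can execute code, so treat any hit as a reason to read the repository in a plain editor first.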