
Checkmarx Zero LITL prompt-injection analysis against Anthropic Claude Code

Technical Analysis
H score 31
1 unique source, 1 article

Summary


Researchers demonstrated lies-in-the-loop (LITL), a prompt-injection technique that can trick Anthropic's Claude Code into approving dangerous actions, expanding risk across AI coding agents. The method shows how tainted external content can make malicious behavior appear safe to a human approver. It matters because the same pattern can be used to enable software supply chain abuse.

Related Happenings

Rogue Checkmarx Jenkins AST plugin release on Jenkins Marketplace

Security Tool/Service
First: 12.05.2026 01:03 Last: 12.05.2026 01:03 Sources 1

About this happening: A **rogue 2026.5.09 release** of the **Checkmarx Jenkins AST plugin** was uploaded to **repo.jenkins-ci.org**, undermining trust in a security-scanning component used in **Jenkins...

Indirect prompt injection payloads against AI agents reveal fraud, deletion, and secret-theft paths

Technical Analysis
First: 23.04.2026 12:30 Last: 23.04.2026 12:30 Sources 1

About this happening: **10** new **indirect prompt injection (IPI)** payloads show how web content poisoning can coerce **AI agents** into **financial fraud**, **data destruction**, and **API key theft...

Checkmarx/kics Docker Hub repository hit by network compromise

Incident
First: 22.04.2026 20:55 Last: 22.04.2026 20:55 Sources 1

About this happening: **Checkmarx's checkmarx/kics Docker Hub repository** suffered a **supply-chain compromise** that could expose **secrets** from infrastructure-as-code scans. **Unknown threat actor...

MCP STDIO arbitrary command execution security flaw

Vulnerability
First: 16.04.2026 12:40 Last: 16.04.2026 12:40 Sources 1

About this happening: A **critical MCP flaw** in the **STDIO interface** can trigger **arbitrary command execution**, putting **connected AI systems** at risk of **data exposure** and **system takeover...

Magecart favicon-EXIF loader chain pushes skimmer execution into checkout runtime

Technical Analysis
First: 18.03.2026 13:58 Last: 18.03.2026 13:58 Sources 1

About this happening: A **Magecart** skimmer now hides its payload in a **favicon's EXIF metadata**, letting the code execute in the **shopper's browser at checkout** and evade repository-only review....

Timeline

  1. 15.09.2025 12:11 2 articles · 8mo ago

    Checkmarx Zero publishes LITL analysis against Anthropic Claude Code

    Technical Analysis Update

    Checkmarx Zero demonstrates lies-in-the-loop (LITL), a prompt-injection and RCE technique against Anthropic's Claude Code that manipulates human-in-the-loop permission prompts by making dangerous actions appear safe. The researchers show that a benign calc command can be used to prove arbitrary command execution on a Windows machine, then use a custom slash command and tainted GitHub issue content to hide malicious command context from users reviewing the approval prompt. They also show that the same approach can be used to submit malicious npm packages to GitHub repositories, creating software supply chain risk for AI coding agents.
