Claude Code deny-rule bypass fix (version 2.1.90)
Security Patch Release
Summary
Anthropic released Claude Code version 2.1.90 last week to fix a command-parsing flaw that could let user-configured deny rules silently stop applying when a command exceeded 50 subcommands. The issue mattered because a blocked command such as rm could run without restriction once it was preceded by enough harmless statements. The update formally closed the bypass in the AI coding agent that executes shell commands on developers' machines.
Related Happenings
Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign
Campaign
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...
PromptMink malicious npm dependency stealing secrets and crypto wallets
Malware Activity
First: 29.04.2026 17:00
Last: 29.04.2026 17:00
Sources 1
About this happening:
The **PromptMink** malicious npm dependency now poses an immediate theft risk because it is stealing sensitive data and exposing **crypto wallets** from infected environments. The...
Enterprise AI deployments need governance and segmentation after red-team failures
Defensive Guidance
First: 24.04.2026 15:10
Last: 24.04.2026 15:10
Sources 1
About this happening:
**Enterprise AI deployments** are exposing familiar security gaps, making **governance**, **segmentation**, and **red-team validation** urgent to reduce the risk of **data theft**...
Indirect prompt injection payloads against AI agents reveal fraud, deletion, and secret-theft paths
Technical Analysis
First: 23.04.2026 12:30
Last: 23.04.2026 12:30
Sources 1
About this happening:
**10** new **indirect prompt injection (IPI)** payloads show how web content poisoning can coerce **AI agents** into **financial fraud**, **data destruction**, and **API key theft...
Google Antigravity prompt-injection fix
Security Patch Release
First: 21.04.2026 13:52
Last: 21.04.2026 13:52
Sources 1
About this happening:
**Google** fixed **Antigravity**'s **prompt injection flaw** in **February**, closing a path that could lead to **sandbox escape** and **remote code execution (RCE)**. The patch f...
Timeline
- 08.04.2026 12:16 · 2 articles · 1mo ago
Claude Code 2.1.90 fixes deny-rule bypass for long commands
Mitigation Patch Update
Anthropic addressed a command-parsing flaw in Claude Code version 2.1.90 that could silently ignore user-configured security deny rules when a command contained more than 50 subcommands, allowing blocked commands such as rm to run without restriction.
- Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems — thehackernews.com — 08.04.2026 12:16