Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
Researchers show HalluSquatting can make AI coding agents fetch fake repositories or skills and run attacker-supplied code.