Claude Code runs a GitHub repo's hidden malware without verification, giving attackers full control
https://the-decoder.com/wp-content/uploads/2026/06/ai_prompt_injection.png" style="height: auto; margin-bottom: 10px;" width="1376" />
Security researchers at Mozilla's 0DIN platform have shown how a single compromised GitHub repo can take over a developer's machine the moment an AI coding tool like Claude Code runs its setup.
The catch: the malicious code only loads at runtime via a DNS query, invisible in the repo, to scanners, and to the AI agent itself.
The article https://the-decoder.com/claude-code-runs-a-github-repos-hidden-malware-without-verification-giving-attackers-full-control/">Claude Code runs a GitHub repo's hidden malware without verification, giving attackers full control appeared first on https://the-decoder.com">The Decoder.