๐ Two Security Flaws in a Popular AI Coding Tool Let Attackers Steal Credentials and Run Code Remotely
Source: Check Point Research ยท AI Security
Check Point found that an attacker with commit access to a shared repo can embed malicious commands in .claude/settings.json hooks and MCP configs to achieve remote code execution, plus hijack API tokens via base URL manipulation. If your team uses Claude Code on shared repositories, audit your project configs now โ the attack surface is the trust boundary between IDE tooling and version-controlled configuration files.
๐ข AWS ProServe Reorganizes Around AI 'Digital Employees' as Clients Demand AI-Delivered Pricing
Source: Business Insider ยท Enterprise AI
Amazon's ProServe consulting arm โ influencing over $10B in annual revenue โ is restructuring around AI agents called "digital employees" and moving toward pricing models where clients pay for outcomes delivered by agents rather than hours billed by humans. The shift signals that the largest cloud provider now sees professional services itself as an AI-automatable cost center, which resets expectations for every systems integrator and consulting firm selling alongside hyperscalers.
๐ค An AI-Powered Bot Spent a Week Breaking Into Software Pipelines at Microsoft, DataDog, and Other Major Projects
Source: StepSecurity ยท AI Security
An autonomous AI-powered attack bot ran a week-long campaign against CI/CD pipelines across major open-source repos, achieving RCE in 4 of 7 targets and exfiltrating secrets from GitHub Actions runners at Microsoft, DataDog, and CNCF. This is the first documented case of an AI agent autonomously exploiting CI/CD infrastructure at scale โ anyone running AI-assisted code review in GitHub Actions should audit workflow permissions and pin action versions immediately.