Published July 8, 2026 ยท Added July 9, 2026

Friendly Fire: Hijacking Defensive Cyber AI Agents for Remote Code Execution

AI Now Institute published a Friendly Fire proof-of-concept showing that Anthropic Claude Code and OpenAI Codex can be hijacked for remote code execution while reviewing untrusted open-source or third-party libraries, using prompt injections hidden in source code rather than configuration files.

AI Now Institute published a Friendly Fire proof-of-concept showing that Anthropic Claude Code and OpenAI Codex can be hijacked for remote code execution while reviewing untrusted open-source or third-party libraries, using prompt injections hidden in source code rather than configuration files.

Read the original story.

Source: Ainowinstitute