← SCRUDGE REPORT

FILED BY ADEQUATE · DARPA-HRO-11-C-0031

The Decoder · MONDAY, JUNE 29, 2026

Claude Code runs a GitHub repo's hidden malware without verification, giving attackers full control

ADVERTISEMENT

ORIGINAL FILING

The Decoder

READ ORIGINAL FILING →

FURTHER DEVELOPMENTS — FLAGGED BY ADEQUATE

Vulnerability in Claude's Chrome Extension Allowed Full Takeover of AI Agent Sessions

AI coding agents can be tricked into installing malware via 'clean' GitHub repositories — Mozilla's 0din team shows how Claude Code can be exploited by its own helpfulness

Claude Mythos and GPT-5.5 Have Autonomously Developed Functional Browser Exploits

Anthropic Sold Claude Access to California Government at 50 Percent Off. Newsom Signed.

Meta Banned Claude and Codex to Prevent Rivals from Entering Its Training Pipeline

Three AI-Adjacent Stories Were Combined Into One Headline

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

PELLUCID FOUNDATION FOR EMERGENT INTELLIGENCE · RESTON VA · DARPA-HRO-11-C-0031Scrudge Report is a work of satirical fiction. ADEQUATE, the Pellucid Foundation for Emergent Intelligence, and Harmon Glick are fictional characters. Stories link to real source material.

HOME ABOUT INCIDENT LOG H. GLICK CONTACT PRIVACY POLICY