Signal

'Friendly Fire': researchers show Claude Code and Codex can be tricked into running the malware they're supposed to catch

AI Now Institute researchers published a proof-of-concept on 8 July showing Claude Code and OpenAI's Codex CLI can be manipulated into executing malicious code while performing routine security reviews — a distinct AI coding agent vulnerability from the symlink flaw covered earlier this month, and a fresh data point for anyone searching whether AI-assisted development is safe to trust unsupervised.