A critical remote code execution (RCE) vulnerability has been discovered in Anthropic’s Claude Code CLI tool, allowing attackers to execute arbitrary commands on a victim’s machine by tricking them into clicking a specially crafted deeplink. The flaw, now patched in Claude Code version 2.1.118, was rooted in a naive command-line argument parser that could be […]
The post Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks appeared first on Cyber Security News.