A high-severity security bypass vulnerability in Anthropic’s Claude Code AI coding agent allows malicious actors to silently evade user-configured deny rules through a simple command-padding technique, exposing hundreds of thousands of developers to credential theft and supply chain compromise. According to Adversa, the flaw was traced to bashPermissions.ts (lines 2162–2178), stems from a performance optimization […] The post Critical Claude Code Flaw Silently Bypasses Developer-Configured Security Rules appeared first on Cyber Security News.