Skip to content
The Nexus
SECURITYApr 16 · 12:57 UTCTHE REGISTERCarly Page

Git identity spoof fools Claude into giving bad code the nod

Security researchers discovered that Anthropic's Claude AI code reviewer can be deceived into approving malicious code by spoofing a trusted developer's Git identity using two commands. This exploit involves forging metadata to make hostile changes appear as if they originated from a legitimate maintainer.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this