AgentsCVE-2025-59536: Claude Code Configuration RCENVD·high signalCritical RCE in Claude Code via crafted config files. Attackers can execute arbitrary commands during agent initialization.SourceSource pageNVD↳ Follow the threadStack layer / Threat patternArmadin details full sandbox escape in Anthropic's Claude Cowork; Anthropic disputes, silently patchesSiliconANGLEStack layer / Threat patternNSA issues official MCP hardening guidance after Amazon Q auto-execution CVEs (CVSS 8.5) enable AWS credential theftWizStack layer / Threat patternMid-Session Tool Injection weaponized against WebMCP agents via threshold poisoning and fake diagnostic eventsAdversa AIStack layer / Update threadClaude Code v2.1.203 and v2.1.204 Add Login-Expiry Warnings and Fix Headless Hook StreamingClaude Code DocsStack layer / Threat patternCritical Langflow Vulnerability (CVE-2026-10134) Exposes All Process Secrets to AttackersThreat-Modeling.comPolicy dependency / Stack layerAnthropic Restores Global Access to Fable 5 and Mythos 5, Launches Claude for Government BetaAnthropicStack layer / Threat patternClawHavoc campaign plants 300+ malicious skills on a single marketplace to run infostealersUnit 42 (Palo Alto Networks)Stack layer / Threat patternCross-model 'prompt laundering' and GuardFall shell-injection flaws hit major coding assistantsThreat-Modeling.com