Fetching from the wire…
Security2026-07-09 · source-backed
A disclosed vulnerability chain reportedly bypasses Cowork's isolation, letting an attacker with local code execution reach root inside its Linux sandbox. Single-source from a security roundup, so treat it as unconfirmed pending a primary advisory. The durable lesson stands regardless: an agent sandbox is a speed bump, not a wall. Don't run genuinely untrusted code and assume the isolation layer will save you.
Each link below shares sources, entities, or timing with this story.
Shared entity: Claude Cowork / Shared topic / Earlier coverage / Tension
Both cover Claude Cowork; overlapping topics (agent, claude, cowork, local); earlier Claude Cowork coverage from 2026-03-19.
Shared entity: Cowork / Shared topic / Earlier coverage
Both cover Cowork; overlapping topics (agent, claude, cowork, execution, sandbox); earlier Cowork coverage from 2026-07-02.
Shared entity: Cowork / Shared topic / Earlier coverage / Tension
Both cover Cowork; overlapping topics (claude, code, cowork); earlier Cowork coverage from 2026-03-19.