Threat Digest

Diagram showing malicious AI agent extracting credentials from GCP Vertex AI service account

GCP Vertex AI's Hidden Trap: How AI Agents Become Corporate Double Agents

You deploy an AI agent in GCP's Vertex AI thinking it's your trusty sidekick. Turns out, it might be spilling your secrets to attackers. Unit 42's research just blew the lid off this sneaky vulnerability.

4 min read 3 hours ago

Code snippet showing Claude Code permission bypass via subcommand overflow

Ransomware & Malware

Claude Code's 50-Command Cap: The Bypass That Unlocks Your Dev Machine

Anthropic's Claude Code hit a double whammy: a source leak followed by a permission system flaw that skips deny rules entirely. Developers, your SSH keys might be next if you're not careful.

4 min read 3 hours ago

#AI agent security

GCP Vertex AI's Hidden Trap: How AI Agents Become Corporate Double Agents

Claude Code's 50-Command Cap: The Bypass That Unlocks Your Dev Machine

Stay in the loop