|
Latest posts
| Post | 🕚 tl;dr | |
|---|---|---|
|
Gone Phishing with Claude Teams: From Deceptive Team Onboarding to RCE 2026-05-24 |
With a $125 investment, and a valid email address for an arbitrary “business domain”, an attacker can create a Claude Team.They then can actively invite targets of any domain into that Team or passively have Anthropic ask all current and future Claude users of their own domain to join the Team. In both cases, Anthropic is communicating the invitation, not the attacker.After a victim decides to join the team and uses Claude Code, the attacker can run arbitrary code on the target’s machine.The beauty: All the target ever sees are mails and popups from Anthropic, never from the attacker.The attack surface: 63% of Dow-30 members are not protected from this attack. |
Featured Repositories
| Repository | Description | |
|---|---|---|
|
offensive-actions/release-tampering-pocs ⭐: … |
Proof of Concepts for malicious maintainers: How to Tamper with Releases built with GitHub Actions Workflows, presented at fwd:cloudsec Europe 2025 |
|
offensive-actions/terraform-provider-statefile-rce ⭐: … |
This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file. |
|
offensive-actions/azure-storage-reverse-shell ⭐: … |
This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs |