The article says researchers at Check Point found serious flaws in Anthropic’s Claude Code that could have let attackers quietly take over a developer’s machine. The main problem was in project configuration files: if an attacker planted malicious settings in a code repository, those settings could run dangerous commands automatically when the project was opened or cloned. Because these config files are copied with the repository and can be changed by anyone with repo access, the risk was that a developer could trigger the attack simply by opening a malicious project, a bad pull request, or code altered by an insider.

The article also says Check Point found two related issues: one could bypass user approval for certain external actions through MCP integration settings, and another could redirect Claude Code’s API traffic to an attacker-controlled server, potentially exposing API keys and even credentials. In simple terms, the concern was not just one hacked laptop, but the possibility of wider team impact if shared keys were stolen. SecurityWeek says Anthropic patched the issues after Check Point reported them between July and October 2025, and also added stronger warnings and confirmation steps for risky actions.

‍

Source: https://www.securityweek.com/claude-code-flaws-exposed-developer-devices-to-silent-hacking/