Close Menu
ZTYLEZMAN – Men’s fashion trends, luxury cars and watches, electronic products and financial information websiteZTYLEZMAN – Men’s fashion trends, luxury cars and watches, electronic products and financial information website
    Search
    YouTube Facebook Instagram
    • Back to ZTYLEZ.COM
    Facebook Instagram YouTube
    ZTYLEZMAN – Men’s fashion trends, luxury cars and watches, electronic products and financial information websiteZTYLEZMAN – Men’s fashion trends, luxury cars and watches, electronic products and financial information website
    • ZCOVER
    • INTERVIEW
    • STYLE
      • Editorial
      • Fashion
      • Footwear
      • Grooming
    • WATCHES
      • Watches & Wonders
    • AUTO
      • Racing
      • Drive
    • GADGETS
    • INVESTMENT
      • Properties
      • Auctions
      • Credit Cards
    • LIFESTYLE
      • Food & Drink
        • Liguor Guide
      • Gaming
      • Sports
      • Movies & TV
      • Travel
      • Entertainment
      • Design
    • English (US)
      • 繁體 (香港)
      • 繁體 (台灣)
    ZTYLEZMAN – Men’s fashion trends, luxury cars and watches, electronic products and financial information websiteZTYLEZMAN – Men’s fashion trends, luxury cars and watches, electronic products and financial information website
    Home»Gadgets»AI code assistant security: GitHub attack bypasses antivirus
    Gadgets

    AI code assistant security: GitHub attack bypasses antivirus

    2026-07-01By Michael Choi
    Facebook Twitter Pinterest LinkedIn Tumblr Email

    AI code assistant security is under fresh scrutiny after security researchers at 0DIN demonstrated an attack that can give hackers a back door, even when a GitHub repository scans as clean.

    AI code assistant security risks uncovered

    Researchers at 0DIN published a technical write up this week showing how so called AI coding helpers can be tricked into downloading and running malicious commands from the internet while debugging or installing a project.

    ░ A clean scan does not mean safe

    Developers commonly scan repositories from GitHub before running code. 0DIN says the attack is clever because the repository itself contains no malware, and a standard antivirus scan will report no threat.

    Instead, the trap is embedded in installation instructions or in crafted error output. When an AI assistant, such as Claude Code, tries to help a user install dependencies or fix an error, the tool can follow those instructions and fall into an attacker defined workflow.

    The malicious payload does not need to be in local files, 0DIN wrote, and that is why traditional antivirus products can miss it. When a tool encounters an error during its automated tasks, it may read configuration from the network, including DNS TXT records, at which point the assistant can fetch and execute real time commands.

    ░ Any automation capable assistant is at risk

    Although 0DIN used Claude Code as a demonstration, the researchers emphasized this is not a flaw unique to one product. Popular tools that automate workflows, including OpenAI Codex based tools, Gemini CLI, and Cursor, face the same exposure if they are allowed to read code, install software, and handle errors without strict controls.

    In short, AI code assistant security depends less on whether files are clean, and more on what the assistant is permitted to do on the system and on the network.

    ░ Control permissions to protect your system

    0DIN cautioned that the greatest risk is not incorrect answers, but the assistants acting with user level permissions to perform tasks on behalf of the user. Because the tools already have the ability to run system commands and access the network, a routine troubleshooting action can quietly connect to an attacker operated server and hand over control.

    Developers should treat AI assistants as untrusted agents until safeguards are in place, the report said. Practical steps include restricting the assistant’s permission to execute system commands, blocking outbound network requests by default, and requiring explicit user approval before any download, network request, or access to sensitive files.

    0DIN added that tool makers should build mandatory prompts that clearly show when the assistant intends to download code or contact an external server, and require the human operator to approve each high risk action. That change, the researchers said, is essential to prevent systems from being hijacked without obvious signs.

    There have not been reports of large scale incidents tied to this method so far, but 0DIN said the proof of concept demonstrates a realistic attack path that developers and platform makers must address.

    0DIN AI Assistant Claude CODE Codex Cursor Gemini GitHub OpenAI SUPPLY
    Previous Article2026 World Cup upsets: Germany, Netherlands, Japan out
    Next Article ST Dupont lighter, Wacko Maria Debut 25-Piece Ligne 2 Small

    Related Posts

    The domain name AI.com is being offered at a price of 100 million US dollars, with tech giants vying to acquire it.

    2025-03-06 Gadgets

    BAPE x Crocs footwear release, available in three colors, camo design showcases street culture.

    2025-03-05 Footwear
    ADVERTISEMENT

    Oris Star Edition Anchors Watches and Wonders Booth

    2026-04-16

    Vacheron Constantin 2026: Five watch highlights from Watches & Wonders

    2026-04-15

    Cartier new watches blend jewelry craft and mechanics

    2026-04-15
    Facebook Instagram YouTube
    • ZTYLEZ.COM
    • Terms and Conditions
    • Privacy Policy
    • Contact Us
    © 2026 ZTYLEZ.COM LIMITED

    Type above and press Enter to search. Press Esc to cancel.