CLAUDE Code Flaws Exposed Developer Devices to Silent Hacking shows that Check Point researchers discovered several vulnerabilities in Anthropic’s Claude Code tool, which could have allowed attackers to silently take control of a developer’s computer. The flaws stem from misusable configuration files that are copied when a repository is cloned, with hooks that can trigger arbitrary commands, bypassing explicit user consent.
The report notes that Claude Code could also override MCP integrations to bypass approval for external actions and that an attacker could redirect API traffic to exfiltrate API keys and credentials. An attacker could exploit these issues by having a targeted user clone and load a malicious code repository, with insiders or malicious pull requests also posing risks.
The vulnerabilities were reported to Anthropic from July to October 2025, and Anthropic rolled out fixes soon after each report, with added warnings and user confirmation for dangerous actions, according to Check Point. The piece, dated 26 February 2026, emphasises that while a stolen API key could grant access to a team’s shared resources, code execution vulnerabilities impacted a single machine.