Tuesday , July 14 2026
Terra Security

CVE-2026-25724
Terra Security researchers discovered Flaws in Anthropic’s Claude Code 

Terra Security shared results from recent tests that showed flaws in AI apps, agents, and AI-made code workflaws. The company has launched a new module for its constant testing platform. This lets security experts keep simulating attacks on AI systems to find flaws.

Terra has tested different applications made with AI coding tools like Claude Code, fast app-making platforms like Loveable and Base44, and business software that uses AI chat features over the last few months. The company found common security issues that are different from usual software flaws, like CVE-2026-25724, found in Anthropic’s Claude Code by Terra Security researchers.

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

After bringing the finding to Anthropic, they quickly acknowledged the risk and resolved the symbolic link issue in Claude Code versions 2.1.7 and later.

The study found that in all applications with AI chats or Agents, there were AI security problems.

Real-World AI Vulnerabilities Observed in Large Enterprises’ Production Environments:

Prompt injection attacks against AI copilots
Indirect prompt injection through embedded or third-party content
Sensitive system prompt leakage
Cross-tenant data exposure in AI copilots
Privilege escalation via AI tool execution chains
Reverse shell execution through AI-enabled command workflows
Broken authorization logic in AI-generated business processes
Exposure of internal APIs introduced during AI-assisted feature expansion
Cross-site scripting via LLM Prompt Injection with authentication bypass

“Some of these issues did not stem from malicious intent or overt misconfiguration, but from complex interactions between AI agents, application logic, and operational tooling,” said Shahar Peled, CEO and Co-founder of Terra Security. “With AI systems committing code with vulnerabilities, modifying configurations, and interacting with pipelines, organizations need visibility into real-world exploitability in production environments, not just theoretical risk. We are proud to be able to provide the means for pentesters to monitor these actions continuously using the Terra platform.”

As AI agents get more access to databases, APIs, and tools, small mistakes can quickly spread across systems. Anthropic’s new security updates to Claude Code show that the industry is paying more attention to finding problems in the code.

“Traditional scanners look for known patterns,” said Gal Malachi, CTO and Co-Founder of Terra Security. “What we’re seeing with AI-powered systems is contextual vulnerabilities in cases where the model behaves as designed, but the surrounding application or permission model allows unintended outcomes. A prompt injection may not resemble a conventional code flaw, yet it can still expose sensitive data or trigger unsafe actions if safeguards are incomplete.”

How to Use Agentic Tools Safely: 5 Practical Dos and Don’ts

Agentic tools are very powerful, but using them safely needs careful handling. The guidelines below show simple steps for using them responsibly in today’s work.

Do not run unknown tools blindly
Do not run agents on your host environment
Do not rely on default permissions
Do not trust repository context
Do not grant full autonomy immediately

Microsoft patches SharePoint RCE flaw CVE-2026-45659 across servers

Check Also

MCP Servers

Thousands of MCP Servers Exposed to File Access and Injection Attacks

Thousands of Model Context Protocol (MCP) servers have serious security flaws like file access issues, …