Adversa — Claude Code deny rule bypass allows prompt injection of blocked commands 2026-04-01 Security
Anthropic — Three OS command injection vulnerabilities in Claude Code CLI and Agent SDK 2026-04-01 Security
arXiv — BadSkill: Agent Supply Chain Backdoor Attacks via Model-in-Skill Poisoning 2026-04-01 Security
Comment and Control — Prompt Injection to Credential Theft in Claude Code, Gemini CLI, and Copilot Agent 2026-04-01 Security
Google DeepMind — AI Agent Traps Taxonomy Reveals Six Critical Vulnerability Classes 2026-04-01 Security
LangChain-ChatChat — RCE via MCP STDIO Server Configuration (CVE-2026-30617) 2026-04-01 Security / AI CVEs