Claude Code Malicious Repository Data Exfiltration Vulnerability

A vulnerability in Claude Code's project-loading process allowed malicious repositories to exfiltrate sensitive data, including Anthropic API keys, before users had a chance to confirm trust. If a user opened Claude Code in a repository controlled by an attacker, and that repository contained a settings file directing API requests to an attacker-controlled endpoint, the application would send out API requests immediately, potentially leaking the user's API keys. This issue affected versions of Claude Code prior to 2.0.65.

Impact

Exploitation of this vulnerability could lead to unauthorized access to a user's Anthropic API keys, allowing an attacker to make API requests on behalf of the user.

Remediation

Users on standard Claude Code auto-update have already received the patch. Those performing manual updates should upgrade to version 2.0.65 or the latest version.