Dossier
metadata forgery
Coverage of metadata forgery in the Nexus archive.
- Git identity spoof fools Claude into giving bad code the nod
Security researchers discovered that Anthropic's Claude AI code reviewer can be deceived into approving malicious code by spoofing a trusted developer's Git identity using two commands. This exploit involves forging metadata to make hostile changes appear as if they originated from a legitimate maintainer.