THREAT OPS › Threat News › Claude Code: Data Exfiltration with DNS (CVE-2025-55284)
Claude Code: Data Exfiltration with DNS (CVE-2025-55284)
<a id="top_ref"></a>
<p>Today we cover Claude Code and a high severity vulnerability that Anthropic fixed in early June. The vulnerability allowed an attacker to hijack Claude Code via indirect prompt injection and leak sensitive information from the developer’s machine, e.g. API keys, to external servers by issuing DNS requests.</p> <h2 id="prompt-injection-hijacks-claude">Prompt Injection
Indicators of compromise
- CVE-2025-55284cve