4 min read
News Brief Mozilla's Zero Day Investigative Network published research showing that Claude Code, Cursor, GitHub Copilot, and Gemini CLI can all be manipulated into executing attacker-controlled payloads delivered via DNS TXT records from seemingly clean GitHub repositories.