PT-2026-6766

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.1.2 Description Claude Code, an agentic coding tool, had a flaw in its bubblewrap sandboxing mechanism. The mechanism did not adequately protect the .claude/settings.json configuration file when it was absent at...

Metasploit Wrap-Up 01/09/2026

RISC-V Payloads This week brings more RISC-V payloads from community member bcoles. One provides a new adapter which allows RISC-V payloads to be converted to commands and delivered as a Metasploit fetch-payload. The second is a classic bind shell, offering the user interactive connectivity to th...

Python Site-Specific Hook Persistence

This module leverages Python's startup mechanism, where some files can be automically processed during the initialization of the Python interpreter. One of those files are startup hooks site-specific, dist-packages. If these files are present in site-specific or dist-packages directories, any lin...

Python Site-Specific Hook Persistence

This Metasploit module leverages Python's startup mechanism, where some files can be automatically processed during the initialization of the Python interpreter. One of those files are startup hooks site-specific, dist-packages. If these files are present in site-specific or dist-packages...