Hackers Exploit Claude Code Privilege Escalation Vulnerability to Target Cryptocurrency Users

KuCoinFlash

Release Time: 01/08/2026 02:17:54

Summary

According to Blockbeats, a privilege escalation vulnerability in Anthropic's Claude Code has been exploited to target cryptocurrency users. The vulnerability, identified as CVE-2025-64755, allows attackers to execute unauthorized commands. A proof-of-concept (PoC) has been publicly shared, and crypto financial technology (CFT) agencies are monitoring the risk. Security researcher 23pds from SlowMist reported that phishing attacks have already leveraged this flaw, raising concerns about the impact on liquidity and cryptocurrency markets.

BlockBeats news: On January 8, SlowMist security researcher 23pds shared a report by researcher Adam Chester, revealing a privilege escalation and command execution vulnerability in Anthropic's Claude Code. Attackers could execute commands without user authorization. The vulnerability is assigned the ID CVE-2025-64755, and a related proof-of-concept (PoC) has been made public. This issue is said to be similar to a previously disclosed vulnerability in the Cursor tool.

23pds claims that hackers have already exploited the vulnerability to attack encrypted users.

Source:Show original

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.