A six-phase attack chain showing how the China-linked GTG-1002 group used Claude Code through MCP for autonomous espionage, plus GitHub Copilot's policy change to start using user code for AI training on April 24.
A week that shook trust in both people and software: three former Google engineers were indicted over alleged transfers of sensitive information to Iran, while NetEase's MuMu Player was found running 17 reconnaissance commands on macOS every 30 minutes.
