Pulse of Truth

1817 readers

49 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks (thehackernews.com)

submitted 1 week ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

4 comments fedilink hide all child comments

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution. The security shortcomings have been collectively named IDEsaster by security researcher Ari Marzouk (MaccariTA). They affect popular

top 4 comments

sorted by: hot top controversial new old

[–] MotoAsh@piefed.social 6 points 1 week ago

lol, lmao

[–] fascicle@leminal.space 3 points 1 week ago

Flaws or features

[–] Badabinski@kbin.earth 2 points 1 week ago

Here's the CVE author's post on the issue if you'd like a more thorough explanation: https://maccarita.com/posts/idesaster/

[–] kayzeekayzee@lemmy.blahaj.zone 2 points 1 week ago

Cybersecurity researchers are amazing at naming stuff