kerng
- Karma
- 0
- Created
- ()
- Submissions
- 0
- Copirate 365: Plundering in the Depths of Microsoft Copilot (CVE-2026-24299) (embracethered.com)
- The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] (cdn.prod.website-files.com)
- GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773) (embracethered.com)
- Machine Learning Attack Series: Image Scaling Attacks (2020) (embracethered.com)
- Month of AI Bugs (August 2025) (monthofaibugs.com)
- Cross-Agent Privilege Escalation: When Agents Free Each Other (embracethered.com)
- AgentHopper: An AI Virus (embracethered.com)
- Amazon Q Developer: Remote Code Execution with Prompt Injection (embracethered.com)
- AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection (embracethered.com)
- Amazon Q Developer for VS Code: Remote Code Execution with Prompt Injection (embracethered.com)
- GitHub Copilot: Remote code execution via prompt injection (CVE-2025-53773) (embracethered.com)
- I Spent $500 to Test Devin for Prompt Injection So That You Don't Have To (embracethered.com)
- Cursor IDE: Arbitrary Data Exfiltration via Mermaid (CVE-2025-54132) (embracethered.com)
- Security Advisory: Anthropic's Slack MCP Server Vulnerable to Data Exfiltration (embracethered.com)
- Hosting COM Servers with an MCP Server (AI-Powered Office Automation) (embracethered.com)
- AI ClickFix: Hijacking Computer-Use Agents (embracethered.com)
- Sneaky Bits: Advanced Data Smuggling using just two invisible Unicode characters (embracethered.com)
- ChatGPT Operator: Prompt Injection Exploits and Defenses (embracethered.com)
- Security ProbLLMs in XAI's Grok: A Deep Dive (embracethered.com)
- How to Find XSS in 2024 (twitter.com)
- Spyware Injection into ChatGPT's Long-Term Memory (SpAIware) (embracethered.com)
- Microsoft Copilot: Prompt Injection, ASCII Smuggling and Exfiltration of Emails (embracethered.com)
- Google Colab AI: Data Leakage Fixed. Some Risks Remain (embracethered.com)