user: kerng
6200 karma | created 8 years ago
recent submissions
GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)
(embracethered.com)
128 pts|4 months ago|18 comments
Machine Learning Attack Series: Image Scaling Attacks (2020)
(embracethered.com)
3 pts|4 months ago|discuss
Month of AI Bugs (August 2025)
(monthofaibugs.com)
3 pts|4 months ago|discuss
Cross-Agent Privilege Escalation: When Agents Free Each Other
(embracethered.com)
3 pts|5 months ago|discuss
AgentHopper: An AI Virus
(embracethered.com)
6 pts|6 months ago|discuss
Amazon Q Developer: Remote Code Execution with Prompt Injection
(embracethered.com)
2 pts|6 months ago|discuss
AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection
(embracethered.com)
5 pts|6 months ago|discuss
Amazon Q Developer for VS Code: Remote Code Execution with Prompt Injection
(embracethered.com)
5 pts|6 months ago|1 comment
GitHub Copilot: Remote code execution via prompt injection (CVE-2025-53773)
(embracethered.com)
15 pts|6 months ago|2 comments
I Spent $500 to Test Devin for Prompt Injection So That You Don't Have To
(embracethered.com)
4 pts|6 months ago|discuss
Cursor IDE: Arbitrary Data Exfiltration via Mermaid (CVE-2025-54132)
(embracethered.com)
4 pts|6 months ago|discuss
Security Advisory: Anthropic's Slack MCP Server Vulnerable to Data Exfiltration
(embracethered.com)
5 pts|8 months ago|discuss
Hosting COM Servers with an MCP Server (AI-Powered Office Automation)
(embracethered.com)
3 pts|8 months ago|discuss
AI ClickFix: Hijacking Computer-Use Agents
(embracethered.com)
4 pts|9 months ago|discuss
Sneaky Bits: Advanced Data Smuggling using just two invisible Unicode characters
(embracethered.com)
2 pts|11 months ago|discuss
ChatGPT Operator: Prompt Injection Exploits and Defenses
(embracethered.com)
5 pts|1 year ago|discuss