development environments – Page 2 – Experimental News Clipping Site

Embrace The Red: How Prompt Injection Exposes Manus’ VS Code Server to the Internet

Aug 25, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/manus-ai-kill-chain-expose-port-vs-code-server-on-internet/ Source: Embrace The Red Title: How Prompt Injection Exposes Manus’ VS Code Server to the Internet Feedly Summary: Today we will cover a powerful, easy to use, autonomous agent called Manus. Manus is developed by the Chinese startup Monica, based in Singapore. This post demonstrates an end-to-end indirect prompt injection attack leading…

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-interprets-hidden-instructions/ Source: Embrace The Red Title: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a very popular coding agent, with over 1 million downloads. In previous posts we showed how prompt injection vulnerabilities in Amazon Q could lead…

Embrace The Red: Amazon Q Developer: Remote Code Execution with Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-remote-code-execution/ Source: Embrace The Red Title: Amazon Q Developer: Remote Code Execution with Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a popular coding agent, with over 1 million downloads. The extension is vulnerable to indirect prompt injection, and in this post we discuss a vulnerability that…

Cloud Blog: Beyond guardrails: A taxonomy of platform engineering control mechanisms

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/application-modernization/platform-engineering-control-mechanisms/ Source: Cloud Blog Title: Beyond guardrails: A taxonomy of platform engineering control mechanisms Feedly Summary: The promise of platform engineering is to accelerate software delivery by empowering developers with self-service capabilities. However, this must be balanced with security, compliance, and operational stability, and for this, you need robust controls. But all too…

Cloud Blog: How Google does it: Your guide to platform engineering

Aug 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/application-modernization/a-guide-to-platform-engineering/ Source: Cloud Blog Title: How Google does it: Your guide to platform engineering Feedly Summary: What guides your approach to software development? In our roles at Google, we’re constantly working to build better software, faster. Within Google, our Developer Platform team and Google Cloud have a strategic partnership and a shared strategy:…

Simon Willison’s Weblog: simonw/codespaces-llm

Aug 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/13/codespaces-llm/#atom-everything Source: Simon Willison’s Weblog Title: simonw/codespaces-llm Feedly Summary: simonw/codespaces-llm GitHub Codespaces provides full development environments in your browser, and is free to use with anyone with a GitHub account. Each environment has a full Linux container and a browser-based UI using VS Code. I found out today that GitHub Codespaces come with…

Embrace The Red: GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)

Aug 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/github-copilot-remote-code-execution-via-prompt-injection/ Source: Embrace The Red Title: GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773) Feedly Summary: This post is about an important, but also scary, prompt injection discovery that leads to full system compromise of the developer’s machine in GitHub Copilot and VS Code. It is achieved by placing Copilot into YOLO…

The Register: VS Code previews chat checkpoints for unpicking careless talk

Aug 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/12/vs_code_previews_chat_checkpoints/ Source: The Register Title: VS Code previews chat checkpoints for unpicking careless talk Feedly Summary: Microsoft’s AI-centric code editor and IDE adds the ability to rollback misguided AI prompts The Microsoft Visual Studio Code (VS Code) team has rolled out version 1.103 with new features including GitHub Copilot chat checkpoints.… AI Summary…

Docker: Tooling ≠ Glue: Why changing AI workflows still feels like duct tape

Aug 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.docker.com/blog/why-changing-ai-workflows-still-feels-like-duct-tape/ Source: Docker Title: Tooling ≠ Glue: Why changing AI workflows still feels like duct tape Feedly Summary: There’s a weird contradiction in modern AI development. We have better tools than ever. We’re building smarter systems with cleaner abstractions. And yet, every time you try to swap out a component in your stack,…

Tag: development environments