extensions – Page 2 – Experimental News Clipping Site

Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection

Aug 20, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-interprets-hidden-instructions/ Source: Embrace The Red Title: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a very popular coding agent, with over 1 million downloads. In previous posts we showed how prompt injection vulnerabilities in Amazon Q could lead…

Embrace The Red: Amazon Q Developer: Remote Code Execution with Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-remote-code-execution/ Source: Embrace The Red Title: Amazon Q Developer: Remote Code Execution with Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a popular coding agent, with over 1 million downloads. The extension is vulnerable to indirect prompt injection, and in this post we discuss a vulnerability that…

Cloud Blog: Beyond guardrails: A taxonomy of platform engineering control mechanisms

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/application-modernization/platform-engineering-control-mechanisms/ Source: Cloud Blog Title: Beyond guardrails: A taxonomy of platform engineering control mechanisms Feedly Summary: The promise of platform engineering is to accelerate software delivery by empowering developers with self-service capabilities. However, this must be balanced with security, compliance, and operational stability, and for this, you need robust controls. But all too…

Slashdot: $1M Stolen in ‘Industrial-Scale Crypto Theft’ Using AI-Generated Code

Aug 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/08/11/0037258/1m-stolen-in-industrial-scale-crypto-theft-using-ai-generated-code?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: $1M Stolen in ‘Industrial-Scale Crypto Theft’ Using AI-Generated Code Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a sophisticated cybercrime operation, GreedyBear, which utilizes a highly coordinated strategy, weaponizing browser extensions and phishing sites to facilitate industrial-scale crypto theft. The group’s innovative techniques, including the modification…

Simon Willison’s Weblog: ChatGPT agent’s user-agent

Aug 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/4/chatgpt-agents-user-agent/#atom-everything Source: Simon Willison’s Weblog Title: ChatGPT agent’s user-agent Feedly Summary: I was exploring how ChatGPT agent works today. I learned some interesting things about how it exposes its identity through HTTP headers, then made a huge blunder in thinking it was leaking its URLs to Bingbot and Yandex… but it turned out…

Simon Willison’s Weblog: ChatGPT agent triggers crawls from Bingbot and Yandex

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/4/chatgpt-agents-agent/#atom-everything Source: Simon Willison’s Weblog Title: ChatGPT agent triggers crawls from Bingbot and Yandex Feedly Summary: ChatGPT agent is the recently released (and confusingly named) ChatGPT feature that provides browser automation combined with terminal access as a feature of ChatGPT – replacing their previous Operator research preview which is scheduled for deprecation on…

Docker: How Docker MCP Toolkit Works with VS Code Copilot Agent Mode

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.docker.com/blog/mcp-toolkit-and-vs-code-copilot-agent/ Source: Docker Title: How Docker MCP Toolkit Works with VS Code Copilot Agent Mode Feedly Summary: In the rapidly evolving landscape of software development, integrating modern AI tools is essential to boosting productivity and enhancing the developer experience. One such advancement is the integration of Docker’s Model Context Protocol (MCP) Toolkit with…

The Register: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/04/mozilla_add_on_phishing/ Source: The Register Title: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons Feedly Summary: Devs told to exercise ‘extreme caution’ with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.… AI Summary and Description: Yes Summary: Mozilla has issued a…

The Cloudflare Blog: Vulnerability disclosure on SSL for SaaS v1 (Managed CNAME)

Aug 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/vulnerability-disclosure-on-ssl-for-saas-v1-managed-cname/ Source: The Cloudflare Blog Title: Vulnerability disclosure on SSL for SaaS v1 (Managed CNAME) Feedly Summary: An upcoming vulnerability disclosure in Cloudflare’s SSL for SaaSv1 is detailed, explaining the steps we’ve taken towards deprecation. AI Summary and Description: Yes Summary: The text discusses a vulnerability discovered in Cloudflare’s SSL for SaaS v1…

Slashdot: Linux 6.16 Brings Faster File Systems, Improved Confidential Memory Support, and More Rust Support

Jul 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://linux.slashdot.org/story/25/07/29/2118206/linux-616-brings-faster-file-systems-improved-confidential-memory-support-and-more-rust-support?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Linux 6.16 Brings Faster File Systems, Improved Confidential Memory Support, and More Rust Support Feedly Summary: AI Summary and Description: Yes Summary: The article details significant updates in the Linux 6.16 kernel focusing on improvements relevant to security, performance, and hardware support, particularly through the integration of Rust programming…

Tag: extensions