Tag: lethal trifecta
-
Simon Willison’s Weblog: Screaming in the Cloud: AI’s Security Crisis: Why Your Assistant Might Betray You
Source URL: https://simonwillison.net/2025/Aug/13/screaming-in-the-cloud/
Source: Simon Willison’s Weblog
Title: Screaming in the Cloud: AI’s Security Crisis: Why Your Assistant Might Betray You
Feedly Summary: I recorded this podcast conversation with Corey Quinn a few weeks ago: On this episode of Screaming in the…
-
Simon Willison’s Weblog: AI for data engineers with Simon Willison
Source URL: https://simonwillison.net/2025/Aug/11/ai-for-data-engineers/#atom-everything
Source: Simon Willison’s Weblog
Title: AI for data engineers with Simon Willison
Feedly Summary: I recorded an episode last week with Claire Giordano for the Talking Postgres podcast. The topic was “AI for data engineers” but we ended up covering an enjoyable range of different…
-
Simon Willison’s Weblog: Chromium Docs: The Rule Of 2
Source URL: https://simonwillison.net/2025/Aug/11/the-rule-of-2/
Source: Simon Willison’s Weblog
Title: Chromium Docs: The Rule Of 2
Feedly Summary: Alex Russell pointed me to this principle in the Chromium security documentation as similar to my description of the lethal trifecta. First added in 2019, the Chromium guideline states: When you write code…
-
Embrace The Red: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets
Source URL: https://embracethered.com/blog/posts/2025/openhands-the-lethal-trifecta-strikes-again/
Source: Embrace The Red
Title: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets
Feedly Summary: Another day, another AI data exfiltration exploit. Today we talk about OpenHands, formerly referred to as OpenDevin initially. It’s created by All-Hands AI. OpenHands renders images in chat, which enables zero-click data exfiltration during prompt injection…