malicious instructions – Page 3 – Experimental News Clipping Site

Simon Willison’s Weblog: GitHub MCP Exploited: Accessing private repositories via MCP

May 27, 2025

—

by

Source URL: https://simonwillison.net/2025/May/26/github-mcp-exploited/#atom-everything Source: Simon Willison’s Weblog Title: GitHub MCP Exploited: Accessing private repositories via MCP Feedly Summary: GitHub MCP Exploited: Accessing private repositories via MCP GitHub’s official MCP server grants LLMs a whole host of new abilities, including being able to read and issues in repositories the user has access to and submit new…

Simon Willison’s Weblog: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft

May 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/May/23/remote-prompt-injection-in-gitlab-duo/ Source: Simon Willison’s Weblog Title: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Feedly Summary: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Yet another example of the classic Markdown image exfiltration attack, this time affecting GitLab Duo – GitLab’s chatbot. Omer Mayraz reports on how…

Docker: Securing Model Context Protocol: Safer Agentic AI with Containers

May 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.docker.com/blog/whats-next-for-mcp-security/ Source: Docker Title: Securing Model Context Protocol: Safer Agentic AI with Containers Feedly Summary: Model Context Protocol (MCP) tools remain primarily in the hands of early adopters, but broader adoption is accelerating. Alongside this growth, MCP security concerns are becoming more urgent. By increasing agent autonomy, MCP tools introduce new risks related…

Wired: AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

Apr 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://arstechnica.com/security/2025/04/ai-generated-code-could-be-a-disaster-for-the-software-supply-chain-heres-why/ Source: Wired Title: AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks Feedly Summary: A new study found that code generated by AI is more likely to contain made-up information that can be used to trick software into interacting with malicious code. AI Summary and Description: Yes Summary: The text reports…

Schneier on Security: Applying Security Engineering to Prompt Injection Security

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/04/applying-security-engineering-to-prompt-injection-security.html Source: Schneier on Security Title: Applying Security Engineering to Prompt Injection Security Feedly Summary: This seems like an important advance in LLM security against prompt injection: Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police…

Simon Willison’s Weblog: CaMeL offers a promising new direction for mitigating prompt injection attacks

Apr 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Apr/11/camel/#atom-everything Source: Simon Willison’s Weblog Title: CaMeL offers a promising new direction for mitigating prompt injection attacks Feedly Summary: In the two and a half years that we’ve been talking about prompt injection attacks I’ve seen alarmingly little progress towards a robust solution. The new paper Defeating Prompt Injections by Design from Google…

Simon Willison’s Weblog: Model Context Protocol has prompt injection security problems

Apr 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Apr/9/mcp-prompt-injection/#atom-everything Source: Simon Willison’s Weblog Title: Model Context Protocol has prompt injection security problems Feedly Summary: As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built on that protocol are starting to come…

Slashdot: How AI Coding Assistants Could Be Compromised Via Rules File

Mar 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://developers.slashdot.org/story/25/03/23/2138230/how-ai-coding-assistants-could-be-compromised-via-rules-file?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: How AI Coding Assistants Could Be Compromised Via Rules File Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant security vulnerability in AI coding assistants like GitHub Copilot and Cursor, highlighting how malicious rule configuration files can be used to inject backdoors and vulnerabilities in…

Tag: malicious instructions