Tag: software development
-
Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection
Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-interprets-hidden-instructions/ Source: Embrace The Red Title: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a very popular coding agent, with over 1 million downloads. In previous posts we showed how prompt injection vulnerabilities in Amazon Q could lead…
-
Tomasz Tunguz: Explore vs. Exploit in Agentic Coding
Source URL: https://www.tomtunguz.com/explore-vs-exploit-in-agentic-coding/ Source: Tomasz Tunguz Title: Explore vs. Exploit in Agentic Coding Feedly Summary: AI coding assistants like Cursor and Replit have rewritten the rules of software distribution almost overnight. But how do companies like these manage margins? Power users looking to manage as many agents as possible may find themselves at odds with…
-
Slashdot: Remember the Companies Making Vital Open Source Contributions
Source URL: https://news.slashdot.org/story/25/08/16/1749228/remember-the-companies-making-vital-open-source-contributions?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Remember the Companies Making Vital Open Source Contributions Feedly Summary: AI Summary and Description: Yes Summary: The text highlights the critical role of large tech companies in contributing to open-source projects, emphasizing that their involvement often stems from self-interest rather than altruism. It underscores how significant contributions from companies…
-
Docker: Docker @ Black Hat 2025: CVEs have everyone’s attention, here’s the path forward
Source URL: https://www.docker.com/blog/docker-black-hat-2025-secure-software-supply-chain/ Source: Docker Title: Docker @ Black Hat 2025: CVEs have everyone’s attention, here’s the path forward Feedly Summary: CVEs dominated the conversation at Black Hat 2025. Across sessions, booth discussions, and hallway chatter, it was clear that teams are feeling the pressure to manage vulnerabilities at scale. While scanning remains an important…
-
The Register: Secure chat darling Matrix admits pair of ‘high severity’ protocol flaws need painful fixes
Source URL: https://www.theregister.com/2025/08/13/secure_chat_darling_matrix_admits/ Source: The Register Title: Secure chat darling Matrix admits pair of ‘high severity’ protocol flaws need painful fixes Feedly Summary: Foundation warns federated servers face biggest risk, but single-instance users can take their time The maintainers of the federated secure chat protocol Matrix are warning users of a pair of “high severity…
-
Embrace The Red: GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)
Source URL: https://embracethered.com/blog/posts/2025/github-copilot-remote-code-execution-via-prompt-injection/ Source: Embrace The Red Title: GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773) Feedly Summary: This post is about an important, but also scary, prompt injection discovery that leads to full system compromise of the developer’s machine in GitHub Copilot and VS Code. It is achieved by placing Copilot into YOLO…
-
Cloud Blog: Accelerate AI with Cloud Run: Sign up now for a developer workshop near you!
Source URL: https://cloud.google.com/blog/topics/developers-practitioners/accelerate-ai-with-cloud-run-sign-up-now-for-a-developer-workshop-near-you/ Source: Cloud Blog Title: Accelerate AI with Cloud Run: Sign up now for a developer workshop near you! Feedly Summary: The AI revolution has delivered a magical moment for developers: the ability to generate a working application prototype in minutes. With AI-assisted tools like Gemini CLI and Code Assist, an idea can…
-
The Register: VS Code previews chat checkpoints for unpicking careless talk
Source URL: https://www.theregister.com/2025/08/12/vs_code_previews_chat_checkpoints/ Source: The Register Title: VS Code previews chat checkpoints for unpicking careless talk Feedly Summary: Microsoft’s AI-centric code editor and IDE adds the ability to rollback misguided AI prompts The Microsoft Visual Studio Code (VS Code) team has rolled out version 1.103 with new features including GitHub Copilot chat checkpoints.… AI Summary…