Tag: Windsurf
-
Embrace The Red: Wrap Up: The Month of AI Bugs
Source URL: https://embracethered.com/blog/posts/2025/wrapping-up-month-of-ai-bugs/ Source: Embrace The Red Title: Wrap Up: The Month of AI Bugs Feedly Summary: That’s it. The Month of AI Bugs is done. There won’t be a post tomorrow, because I will be at PAX West. Overview of Posts ChatGPT: Exfiltrating Your Chat History and Memories With Prompt Injection | Video ChatGPT…
-
Embrace The Red: Windsurf MCP Integration: Missing Security Controls Put Users at Risk
Source URL: https://embracethered.com/blog/posts/2025/windsurf-dangers-lack-of-security-controls-for-mcp-server-tool-invocation/ Source: Embrace The Red Title: Windsurf MCP Integration: Missing Security Controls Put Users at Risk Feedly Summary: Part of my default test cases for coding agents is to check what MCP integration looks like, especially if the agent can be configured to allow setting fine-grained controls for tools. Sometimes there are basic…
-
Embrace The Red: Sneaking Invisible Instructions by Developers in Windsurf
Source URL: https://embracethered.com/blog/posts/2025/windsurf-sneaking-invisible-instructions-for-prompt-injection/ Source: Embrace The Red Title: Sneaking Invisible Instructions by Developers in Windsurf Feedly Summary: Imagine a malicious instruction hidden in plain sight, invisible to you but not to the AI. This is a vulnerability discovered in Windsurf Cascade: it follows invisible instructions. This means there can be instructions in a file or…
-
Embrace The Red: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit)
Source URL: https://embracethered.com/blog/posts/2025/windsurf-spaiware-exploit-persistent-prompt-injection/ Source: Embrace The Red Title: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit) Feedly Summary: In this second post about Windsurf Cascade we are exploring the SpAIware attack, which allows memory persistent data exfiltration. SpAIware is an attack we first successfully demonstrated with ChatGPT last year and OpenAI mitigated. While inspecting the system prompt…
-
Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…
-
Slashdot: Linux Kernel Could Soon Expose Every Line AI Helps Write
Source URL: https://linux.slashdot.org/story/25/07/25/1950226/linux-kernel-could-soon-expose-every-line-ai-helps-write?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Linux Kernel Could Soon Expose Every Line AI Helps Write Feedly Summary: Brian Fagioli reports on Sasha Levin’s proposed patch series for integrating AI coding assistants into the Linux kernel, which introduces key guidelines for managing AI-generated contributions. This effort highlights the growing…
-
Slashdot: Robinhood CEO Says Majority of Company’s New Code Written by AI
Source URL: https://developers.slashdot.org/story/25/07/17/1918220/robinhood-ceo-says-majority-of-companys-new-code-written-by-ai?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Robinhood CEO Says Majority of Company’s New Code Written by AI Feedly Summary: The text discusses Robinhood CEO Vlad Tenev’s comments on the significant reliance on AI in code generation at Robinhood. The emphasis on AI-generated code highlights a growing trend in the…
-
Slashdot: Cognition AI Buys Windsurf as AI Frenzy Escalates
Source URL: https://slashdot.org/story/25/07/14/1820248/cognition-ai-buys-windsurf-as-ai-frenzy-escalates?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Cognition AI Buys Windsurf as AI Frenzy Escalates Feedly Summary: The acquisition of Windsurf by Cognition AI highlights the competitive landscape in AI software development, particularly in coding assistance technologies. This shift signifies a larger trend towards automating software creation and enhancing productivity…