A critical vulnerability has been unearthed within GitHub Codespaces, enabling the illicit hijacking of repositories through the integrated AI assistant, Copilot. Designated as RoguePilot, this flaw compromises the intersection of the cloud-based development environment...
At the recent Chaos Communication Congress in Germany, a new warning was issued about the risks associated with AI agents. According to information security specialist Johann Rehberger, a computer running systems such as Claude...
Microsoft has released its December security updates: Patch Tuesday brings fixes for 57 vulnerabilities, including three zero-days (one of which is already being actively exploited) and three critical remote-code-execution flaws. Administrators and Windows users...
More than thirty vulnerabilities have been uncovered in popular AI-enhanced development environments, all of which allow attackers — through a combination of prompt injections and legitimate IDE capabilities — to silently exfiltrate data or...
In June 2025, a researcher operating under the pseudonym rick disclosed a critical vulnerability in GitHub Copilot dubbed CamoLeak, rated CVSS 9.6. The flaw enabled an attacker to surreptitiously exfiltrate sensitive information and source...
Experts at Unit 42 have presented an analysis of vulnerabilities associated with the use of large language model–based coding assistants. These tools, integrated into IDEs such as GitHub Copilot, can perform a wide range...
Veteran Linux kernel developer Sasha Levin, currently at NVIDIA and formerly with Google and Microsoft, has proposed the formal inclusion of guidelines for the use of AI assistants in kernel development within the official...