<![CDATA[These AI agent attacks are getting ridiculous]]>These AI agent attacks are getting ridiculous

Malicious code hidden in source code repositories can trick AI coding agents into overwriting their own configuration files

Link Preview Image
The approval prompt is lying: a critical coding agent security flaw

A critical coding agent security flaw, SynJack, lets a fake "video copy" rewrite config in Claude, Cursor, Copilot, Codex, Grok, and Gemini. How to stop RCE.

favicon

Adversa AI | Agentic AI Security (adversa.ai)

]]>https://board.circlewithadot.net/topic/a21d6c8d-7a5d-4e80-a1b4-2ac890feeb58/these-ai-agent-attacks-are-getting-ridiculousRSS for NodeSun, 31 May 2026 17:54:45 GMTWed, 27 May 2026 23:00:27 GMT60<![CDATA[Reply to These AI agent attacks are getting ridiculous on Thu, 28 May 2026 03:27:59 GMT]]>@campuscodi

Link Preview Image
]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/cjust/statuses/116650074433842181https://board.circlewithadot.net/post/https://infosec.exchange/users/cjust/statuses/116650074433842181Thu, 28 May 2026 03:27:59 GMT<![CDATA[Reply to These AI agent attacks are getting ridiculous on Thu, 28 May 2026 01:33:46 GMT]]>@campuscodi Karma!]]>https://board.circlewithadot.net/post/https://friendica.myportal.social/objects/e65e1095-126a-179b-7ac0-6fd267289037https://board.circlewithadot.net/post/https://friendica.myportal.social/objects/e65e1095-126a-179b-7ac0-6fd267289037Thu, 28 May 2026 01:33:46 GMT<![CDATA[Reply to These AI agent attacks are getting ridiculous on Thu, 28 May 2026 01:21:45 GMT]]>@cwbussard @campuscodi Or putting a blackhole for the slop provider's domain name in /etc/hosts so the whole thing stops working. ๐Ÿ˜ˆ

]]>https://board.circlewithadot.net/post/https://hachyderm.io/users/dalias/statuses/116649578005202611https://board.circlewithadot.net/post/https://hachyderm.io/users/dalias/statuses/116649578005202611Thu, 28 May 2026 01:21:45 GMT<![CDATA[Reply to These AI agent attacks are getting ridiculous on Thu, 28 May 2026 01:14:17 GMT]]>@dalias @campuscodi

Yes... I think there'd be an audience for a plug-and-play version that you could just drop into any repo that would prevent AI slop pull requests by tricking the AI slop tools into nuking the local copy.

]]>https://board.circlewithadot.net/post/https://ioc.exchange/users/cwbussard/statuses/116649548708531397https://board.circlewithadot.net/post/https://ioc.exchange/users/cwbussard/statuses/116649548708531397Thu, 28 May 2026 01:14:17 GMT<![CDATA[Reply to These AI agent attacks are getting ridiculous on Wed, 27 May 2026 23:14:50 GMT]]>@dalias @campuscodi plus wellโ€ฆ it's not code]]>https://board.circlewithadot.net/post/https://queer.hacktivis.me/objects/635338e2-5932-4663-aedf-99d067af87d4https://board.circlewithadot.net/post/https://queer.hacktivis.me/objects/635338e2-5932-4663-aedf-99d067af87d4Wed, 27 May 2026 23:14:50 GMT<![CDATA[Reply to These AI agent attacks are getting ridiculous on Wed, 27 May 2026 23:08:58 GMT]]>@campuscodi I don't call that malicious code I call that self-defense.

]]>https://board.circlewithadot.net/post/https://hachyderm.io/users/dalias/statuses/116649055920106801https://board.circlewithadot.net/post/https://hachyderm.io/users/dalias/statuses/116649055920106801Wed, 27 May 2026 23:08:58 GMT