kerng | Dark Hacker News

user:	kerng
created:	February 22, 2018
karma:	6.2k

1.	Copirate 365: Plundering in the Depths of Microsoft Copilot (CVE-2026-24299)(embracethered.com) 2 points by kerng 12 days ago \| 0 comments
2.	The AI-Assisted Breach of Mexico's Government Infrastructure [pdf](cdn.prod.website-files.com) 6 points by kerng 37 days ago \| 0 comments
3.	GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)(embracethered.com) 128 points by kerng 217 days ago \| 18 comments
4.	Machine Learning Attack Series: Image Scaling Attacks (2020)(embracethered.com) 3 points by kerng 217 days ago \| 0 comments
5.	Month of AI Bugs (August 2025)(monthofaibugs.com) 3 points by kerng 217 days ago \| 0 comments
6.	Cross-Agent Privilege Escalation: When Agents Free Each Other(embracethered.com) 3 points by kerng 235 days ago \| 0 comments
7.	AgentHopper: An AI Virus(embracethered.com) 6 points by kerng 259 days ago \| 0 comments
8.	Amazon Q Developer: Remote Code Execution with Prompt Injection(embracethered.com) 2 points by kerng 263 days ago \| 0 comments
9.	AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection(embracethered.com) 5 points by kerng 263 days ago \| 0 comments
10.	Amazon Q Developer for VS Code: Remote Code Execution with Prompt Injection(embracethered.com) 5 points by kerng 271 days ago \| 1 comment
11.	GitHub Copilot: Remote code execution via prompt injection (CVE-2025-53773)(embracethered.com) 15 points by kerng 278 days ago \| 2 comments
12.	I Spent $500 to Test Devin for Prompt Injection So That You Don't Have To(embracethered.com) 4 points by kerng 284 days ago \| 0 comments
13.	Cursor IDE: Arbitrary Data Exfiltration via Mermaid (CVE-2025-54132)(embracethered.com) 4 points by kerng 286 days ago \| 0 comments
14.	Security Advisory: Anthropic's Slack MCP Server Vulnerable to Data Exfiltration(embracethered.com) 5 points by kerng 327 days ago \| 0 comments
15.	Hosting COM Servers with an MCP Server (AI-Powered Office Automation)(embracethered.com) 3 points by kerng 343 days ago \| 0 comments
16.	AI ClickFix: Hijacking Computer-Use Agents(embracethered.com) 4 points by kerng 358 days ago \| 0 comments
17.	ChatGPT: Dump all your memories and chat history for inspection(twitter.com) 3 points by kerng 1 year ago \| 0 comments
18.	Latest Gemini models now follow invisible Unicode Tag instructions(twitter.com) 5 points by kerng 1 year ago \| 0 comments
19.	Sneaky Bits: Advanced Data Smuggling using just two invisible Unicode characters(embracethered.com) 2 points by kerng 1 year ago \| 0 comments
20.	ChatGPT Operator: Prompt Injection Exploits and Defenses(embracethered.com) 5 points by kerng 1 year ago \| 0 comments
21.	Security ProbLLMs in XAI's Grok: A Deep Dive(embracethered.com) 1 points by kerng 1 year ago \| 0 comments
22.	How to Find XSS in 2024(twitter.com) 3 points by kerng 1 year ago \| 0 comments
23.	Spyware Injection into ChatGPT's Long-Term Memory (SpAIware)(embracethered.com) 5 points by kerng 1 year ago \| 0 comments
24.	Microsoft Copilot: Prompt Injection, ASCII Smuggling and Exfiltration of Emails(embracethered.com) 3 points by kerng 1 year ago \| 0 comments
25.	Google Colab AI: Data Leakage Fixed. Some Risks Remain(embracethered.com) 5 points by kerng 1 year ago \| 0 comments
26.	Breaking Instruction Hierarchy in OpenAI's GPT-4o-mini(embracethered.com) 3 points by kerng 1 year ago \| 0 comments
27.	Prompt Injections in the Wild – Exploiting LLM Agents – Hitcon 2023 [video](youtube.com) 3 points by kerng 1 year ago \| 0 comments
28.	GitHub Copilot: From Prompt Injection to Data Exfiltration(embracethered.com) 7 points by kerng 1 year ago \| 0 comments