Coding Secrets - Search News

‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems

SymJack’ attack shows how AI coding agents can be manipulated through malicious repositories and MCP servers to steal data and enable software supply chain attacks.

VentureBeat

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...

CSO Online

AI coding is fueling a secrets-sprawl crisis few CISOs are containing

CISOs should treat secrets sprawl as a governance challenge. This means enforcing clear ownership, adopting short-lived ...

CSOonline

Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP

Chrome extensions were spotted leaking sensitive browser data like API keys, secrets, and tokens via unguarded HTTP transmissions and hardcoded spills. Seemingly harmless Chrome extensions aimed at ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results