Post · bonfire.cafe

kriware :verified:

@kriware@infosec.exchange · 2 weeks ago

GitHub Copilot: RCE via Prompt Injection

A prompt-injection attack enables Copilot to auto-approve via chat.tools.autoApprove, triggering YOLO mode and run arbitrary code

https://embracethered.com/blog/posts/2025/github-copilot-remote-code-execution-via-prompt-injection/

#promptinjection #cve

Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.2.11 no JS en

Automatic federation enabled