News

SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
ZDNet

Hacker slips malicious 'wiping' command into Amazon's Q AI coding assistant - and devs are worried

A while back, my ZDNET colleague David Gewirtz worried that someday AI coding agents could destroy open-source software. That day has come. A "="" ai="" coding="" agent"="">. Also: Coding with AI? My ...
ExtremeTech

Hacker Sneaks Data-Deleting Prompt Into Amazon's AI Coding Tool

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...