Embrace The Red
wunderwuzzi's blog
learn the hacks, stop the attacks.
Agents
Aug 06 2025
I Spent $500 To Test Devin For Prompt Injection So That You Don't Have To
Aug 05 2025
Amp Code: Arbitrary Command Execution via Prompt Injection Fixed
Aug 04 2025
Cursor IDE: Arbitrary Data Exfiltration Via Mermaid (CVE-2025-54132)
Aug 03 2025
Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation
Aug 02 2025
Turning ChatGPT Codex Into A ZombAI Agent
Aug 01 2025
Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection
Jul 28 2025
The Month of AI Bugs 2025
Jun 24 2025
Security Advisory: Anthropic's Slack MCP Server Vulnerable to Data Exfiltration
May 24 2025
AI ClickFix: Hijacking Computer-Use Agents Using ClickFix