GovInfoSecurity

Codex Bug Let Repo Files Execute Hidden Commands

OpenAI patched a command injection flaw in its Codex CLI tool that let attackers run arbitrary commands on developer machines ...
Dark Reading

The AI Attack Surface: How Agents Raise the Cyber Stakes

Researcher shows how agentic AI is vulnerable to hijacking to subvert an agent's goals and how agent interaction can be altered to compromise networks.
GitHub

Wait for shell integration to be ready when opening new terminal via API

When extensions use the terminal API to create a new terminal and execute commands immediately, shell integration features (like command detection via terminal_last_command) don't work on the first ...