
“All AI IDEs… effectively ignore the base software… in their threat model. They treat their features as inherently safe because they've been there for years. However, once you add AI agents that can act autonomously, the same features can be weaponized into data exfiltration and RCE primitives,” said security researcher Ari Marzouk, speaking to The Hacker News.
According to the research report, this is an IDE-agnostic attack chain, beginning with context hijacking via prompt injection. Hidden instructions can be planted in rule files, READMEs, file names, or outputs from malicious MCP servers. Once an agent processes that context, its tools can be directed to perform legitimate actions that trigger unsafe behaviors in the base IDE. The final stage abuses built-in features to extract data or execute attacker code across any AI IDE sharing that base software layer.
One documented example involves writing a JSON file that references a remote schema. The IDE automatically fetches that schema, leaking parameters embedded by the agent, including sensitive data collected earlier in the chain. Visual Studio Code, JetBrains IDEs, and Zed all exhibited this behavior. Even developer safeguards like diff previews did not suppress the outbound request.
Another case study demonstrates full remote code execution through manipulated IDE settings. By editing an executable file already present in the workspace and then modifying configuration fields such as php.validate.executablePath, an attacker can cause the IDE to run arbitrary code as soon as a file of the associated type is opened or created. JetBrains tools show similar exposure through workspace metadata.
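The two primitives above (a JSON file whose "$schema" triggers an outbound fetch, and a workspace settings key that points the IDE at a binary inside the repository) are simple to audit for before an agent's edits are accepted. The scanner below is an added example, not code from the researchers or from any IDE; it assumes strict JSON settings (real settings.json may contain comments) and that keys ending in ".path" behave like php.validate.executablePath, which is an assumption.

```python
import json
import tempfile
from pathlib import Path
from urllib.parse import urlparse
EXEC_KEY_SUFFIXES = ("executablePath", ".path")  # page names the first; ".path" is assumed

def scan_schema_refs(workspace: Path) -> list[dict]:
    """Report JSON files whose "$schema" is a remote URL; flag any query string."""
    findings = []
    for path in sorted(workspace.rglob("*.json")):
        try:
            doc = json.loads(path.read_text(encoding="utf-8"))
        except (ValueError, OSError):
            continue  # not strict JSON (e.g. commented JSONC) or unreadable; skip
        schema = doc.get("$schema") if isinstance(doc, dict) else None
        url = urlparse(schema) if isinstance(schema, str) else None
        if url and url.scheme in ("http", "https"):  # the IDE will fetch this
            findings.append({"file": path.relative_to(workspace).as_posix(),
                             "url": schema, "has_query": bool(url.query)})
    return findings

def scan_exec_settings(workspace: Path) -> list[dict]:
    """Report executable-path settings that resolve to a file inside the workspace."""
    root = workspace.resolve()
    try:
        doc = json.loads((root / ".vscode" / "settings.json").read_text(encoding="utf-8"))
    except (ValueError, OSError):
        return []
    findings = []
    for key, value in doc.items():
        if key.endswith(EXEC_KEY_SUFFIXES) and isinstance(value, str):
            target = (root / value).resolve()  # pathlib keeps absolute values unchanged
            if root in target.parents:  # binary lives in the repo: agent-writable
                findings.append({"key": key, "value": value})
    return findings

def build_sample_workspace(root: Path) -> Path:
    """Write a constructed workspace with one benign and one risky instance of each."""
    (root / ".vscode").mkdir(parents=True, exist_ok=True)
    (root / ".vscode" / "settings.json").write_text(json.dumps({"editor.fontSize": 14,
        "php.validate.executablePath": "./tools/php"}))  # constructed: points inside the repo
    (root / "clean.json").write_text(json.dumps({"$schema": "./local.schema.json"}))
    (root / "config.json").write_text(json.dumps({
        "$schema": "https://schema.example.invalid/s.json?note=CONSTRUCTED_SAMPLE"}))
    return root

def scan_sample() -> tuple[list[dict], list[dict]]:
    """Build the constructed sample in a temp dir and run both scans over it."""
    ws = build_sample_workspace(Path(tempfile.mkdtemp()))
    return scan_schema_refs(ws), scan_exec_settings(ws)
```

Run the two scans as a pre-commit or pre-merge check on agent-authored changes; a hit on either list is worth a human look before the IDE ever opens the file.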
Reference reading
- https://www.tomshardware.com/tech-industry/cyber-security/researchers-uncover-critical-ai-ide-flaws-exposing-developers-to-data-theft-and-rce#main