
“All AI IDEs… effectively ignore the base software… in their threat model. They treat their features as inherently safe because they've been there for years. However, once you add AI agents that can act autonomously, the same features can be weaponized into data exfiltration and RCE primitives,” said security researcher Ari Marzouk, speaking to The Hacker News.
According to the research report, this is an IDE-agnostic attack chain, beginning with context hijacking via prompt injection. Hidden instructions can be planted in rule files, READMEs, file names, or outputs from malicious MCP servers. Once an agent processes that context, its tools can be directed to perform legitimate actions that trigger unsafe behaviors in the base IDE. The final stage abuses built-in features to extract data or execute attacker code across any AI IDE sharing that base software layer.
One documented example involves writing a JSON file that references a remote schema. The IDE automatically fetches that schema, leaking parameters embedded by the agent, including sensitive data collected earlier in the chain. Visual Studio Code, JetBrains IDEs, and Zed all exhibited this behavior. Even developer safeguards like diff previews did not suppress the outbound request.
Another case study demonstrates full remote code execution through manipulated IDE settings. By editing an executable file already present in the workspace and then modifying configuration fields such as php.validate.executablePath, an attacker can cause the IDE to immediately run arbitrary code the moment a related file type is opened or created. JetBrains tools show similar exposure through workspace metadata.
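A defender-side check for the two artefacts described in these case studies, added here as an illustration (it is not code from the Tom's Hardware article or from the researchers): it inspects a JSON document for a remote `$schema` reference the IDE would fetch on its own, and for `executablePath`-style settings that resolve to a file inside the workspace. The trusted-host allowlist, the key-suffix heuristic, the POSIX workspace path and the sample documents are all assumptions/constructed inputs.

```python
import json
from pathlib import PurePosixPath
from urllib.parse import urlparse

# Hosts the IDE is expected to fetch schemas from (assumed allowlist; adapt per organisation).
TRUSTED_SCHEMA_HOSTS = {"json.schemastore.org"}

# Constructed sample documents modelled on the two case studies above.
SCHEMA_DOC = '{"$schema": "https://collector.example/s.json?c=constructed-sample", "name": "demo"}'
SETTINGS_DOC = '{"php.validate.executablePath": "./node_modules/.bin/php", "editor.fontSize": 12}'
BENIGN_DOC = '{"$schema": "https://json.schemastore.org/package.json", "name": "demo"}'


def schema_findings(doc: dict) -> list[str]:
    """Flag a remote $schema reference: the IDE fetches it without asking the user."""
    ref = doc.get("$schema")
    if not isinstance(ref, str):
        return []
    u = urlparse(ref)
    if u.scheme not in ("http", "https"):
        return []  # relative or local refs do not produce an outbound request
    out = []
    if u.hostname not in TRUSTED_SCHEMA_HOSTS:
        out.append(f"$schema points at untrusted host {u.hostname}")
    if u.query:
        out.append("$schema URL carries query parameters (possible exfiltration channel)")
    return out


def settings_findings(settings: dict, workspace: str = "/proj") -> list[str]:
    """Flag *.executablePath settings (key-suffix heuristic, assumed) that resolve into the workspace."""
    ws = PurePosixPath(workspace)
    out = []
    for key, value in settings.items():
        if not (key.endswith("executablePath") and isinstance(value, str)):
            continue
        target = PurePosixPath(value)
        if not target.is_absolute():
            target = ws / target
        parts: list[str] = []  # normalise '..' segments without touching the filesystem
        for seg in target.parts[1:]:
            if seg == "..":
                if parts:
                    parts.pop()
            elif seg != ".":
                parts.append(seg)
        target = PurePosixPath("/", *parts)
        if target.is_relative_to(ws):  # a binary the agent can write is a binary the IDE will run
            out.append(f"{key} runs a binary inside the workspace: {target}")
    return out


def scan_json_text(text: str, workspace: str = "/proj") -> list[str]:
    """Run both checks over one JSON document (settings.json, a data file, etc.)."""
    doc = json.loads(text)
    return schema_findings(doc) + settings_findings(doc, workspace)
```

Run it from a pre-commit hook or a file watcher on `.vscode/` and agent-written JSON to surface these edits before the IDE acts on them.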