Lies in the Loop: Attack AI Coding Agents

The article "Lies in the Loop: Attack AI Coding Agents" examines the security risks that come with AI coding agents. These agents, built to automate parts of software development, act on whatever instructions and context they are given, so an attacker who can plant deceptive input in that loop (a prompt, a file, a tool result) can steer the agent's decisions and have it emit compromised code or introduce security flaws. The piece stresses that AI-driven development environments need robust defenses and continuous monitoring, and it draws out the wider implications for application security, urging organizations to adapt their security strategies to AI-specific threats. Its key recommendations are to integrate AI threat intelligence, strengthen code review for AI-generated changes, and foster collaboration between AI developers and security teams. The analysis is aimed at security professionals who need to protect AI coding agents from adversarial input and preserve the integrity of AI-generated software.

This Cyber News was published on www.darkreading.com. Publication date: Mon, 15 Sep 2025 14:50:05 +0000


Cyber News related to Lies in the Loop: Attack AI Coding Agents

New Slopsquatting Attack Leverages Coding Agent Workflows to Deliver Malware - Researchers have identified a sophisticated new supply-chain threat targeting AI-powered development workflows, where malicious actors exploit coding agents' tendency to "hallucinate" non-existent package names to distribute ...
4 months ago Cybersecuritynews.com
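The slopsquatting item above describes the mechanism (an agent proposes a package name that does not exist, an attacker registers it) but not the control. A pre-install gate that audits every dependency an agent proposes against the project's own lockfile is one practical countermeasure. The block below is an added example, not code from the article or from any named vendor; the lockfile contents, the proposed requirements text and the package name "fastpdf-ocr-tools" are constructed for illustration, and the 0.8 similarity threshold is an assumption to tune per project.

```python
"""Pre-install gate for agent-proposed Python dependencies (added example).

Verdicts per requirement line:
  ALLOW      known name, pinned to the locked version
  PIN        known name, but unpinned or a different version
  TYPOSQUAT  unknown name that looks like a known one (edit-distance look-alike)
  UNKNOWN    unknown name; verify on the index and with a human before install
  BLOCK      pip option, direct URL/VCS reference, or unparseable line
"""
import re
from difflib import SequenceMatcher
from typing import Dict, List

# Hypothetical lockfile: packages the project already vetted, with their pinned versions.
LOCKED: Dict[str, str] = {"requests": "2.32.3", "numpy": "2.1.0",
                          "pyyaml": "6.0.2", "boto3": "1.35.0"}

# name[extras] <op> version  (environment markers after ';' are ignored here)
REQ_LINE = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*(?:(==|~=|>=|<=|!=|>|<)\s*([^\s;]+))?")
SIMILARITY = 0.8  # assumed threshold: ratio at or above this flags a look-alike name


def normalize(name: str) -> str:
    """PEP 503 name normalization: case-fold and collapse runs of '-', '_', '.' to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def audit_requirements(text: str, locked: Dict[str, str] = LOCKED) -> List[dict]:
    known = {normalize(n): v for n, v in locked.items()}
    findings: List[dict] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith("-"):
            # --index-url / --extra-index-url / -f / -e inside a requirements file can
            # silently redirect resolution to an attacker-controlled index.
            findings.append({"line": lineno, "name": line.split()[0], "verdict": "BLOCK",
                             "reason": "pip option in requirements file"})
            continue
        if "://" in line or "@" in line:
            findings.append({"line": lineno, "name": line.split()[0], "verdict": "BLOCK",
                             "reason": "direct URL or VCS reference bypasses the index"})
            continue
        m = REQ_LINE.match(line)
        if not m:
            findings.append({"line": lineno, "name": line, "verdict": "BLOCK",
                             "reason": "unparseable requirement"})
            continue
        name, op, version = m.groups()
        norm = normalize(name)
        if norm in known:
            if op == "==" and version == known[norm]:
                verdict, reason = "ALLOW", "matches lockfile"
            else:
                verdict, reason = "PIN", f"known package but not pinned to {known[norm]}"
        elif not known:
            verdict, reason = "UNKNOWN", "empty lockfile; nothing to compare against"
        else:
            closest = max(known, key=lambda k: SequenceMatcher(None, norm, k).ratio())
            score = SequenceMatcher(None, norm, closest).ratio()
            if score >= SIMILARITY:
                verdict, reason = "TYPOSQUAT", f"look-alike of {closest!r} (similarity {score:.2f})"
            else:
                verdict, reason = "UNKNOWN", "not in lockfile; verify on the index and with a human"
        findings.append({"line": lineno, "name": name, "verdict": verdict, "reason": reason})
    return findings


def gate(text: str, locked: Dict[str, str] = LOCKED) -> bool:
    """True only when every line is ALLOW; anything else stops the install and escalates."""
    return all(f["verdict"] == "ALLOW" for f in audit_requirements(text, locked))


# Constructed requirements text, as an agent might emit it after a prompt-injected task.
AGENT_PROPOSED = """\
requests==2.32.3
numpy                # agent dropped the pin
boto3==1.34.0        # known name, version differs from the lockfile
reqeusts==2.31.0     # transposed letters: a look-alike name
fastpdf-ocr-tools    # constructed name; treat as hallucinated until verified
--extra-index-url https://pypi.example.invalid/simple
"""

if __name__ == "__main__":
    for f in audit_requirements(AGENT_PROPOSED):
        print(f"line {f['line']:>2}  {f['verdict']:<9} {f['name']:<20} {f['reason']}")
    print("install permitted:", gate(AGENT_PROPOSED))
```

Run it as a pre-commit hook or as the approval step before the agent's `pip install` is allowed to execute; the point is that the agent never resolves a name the humans have not already vetted, which is exactly the gap slopsquatting exploits. Replace `LOCKED` with the project's real lockfile and keep the gate's false-positive rate low by pinning, since an unpinned known name is already a `PIN` finding rather than a silent pass.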
AI Coding Tools: How to Address Security Issues - In 2022, a surge of AI-based coding assistants revolutionized the software development landscape. Even though organizations everywhere are using AI-based coding, there remains a tug-of-war within organizations between the benefits and security fears ...
1 year ago Securityboulevard.com
SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are - SquareX's research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to look out for. More importantly, employees using Browser AI Agents ...
5 months ago Cybersecuritynews.com
A Framework for Maintaining Code Security With AI Coding Assistants - Today, there are countless AI coding assistants available that promise to lighten developers' loads. It's an issue that software development firms and solo coders are only beginning to come to grips with. Either use AI coding assistants and accept ...
1 year ago Feeds.dzone.com
Vibe Coding Is the New Open Source - The article "Vibe Coding Is the New Open Source" explores a fresh paradigm in collaborative software development that transcends traditional open-source models. Vibe coding emphasizes real-time, synchronous collaboration where developers share not ...
1 month ago Wired.com
Google Unveils A2A Protocol That Enables AI Agents to Collaborate to Automate Workflows - The protocol is built on five key design principles: embracing agentic capabilities that allow agents to collaborate in unstructured modalities, building on existing standards like HTTP and JSON-RPC, ensuring security by default with enterprise-grade ...
7 months ago Cybersecuritynews.com
Rethinking identity security in the age of autonomous AI agents - As autonomous AI agents become increasingly prevalent, the landscape of identity security is undergoing a significant transformation. These AI-driven entities, capable of performing complex tasks independently, introduce new challenges and risks to ...
1 month ago Bleepingcomputer.com
Revolutionize Sustainability with AI, Observability, and Cisco Tech - As the Vice President of an organization deeply committed to technological advancements and environmental sustainability, I am thrilled to announce an exciting coding challenge. Our Build for Better coding challenge invites you to be at the forefront ...
1 year ago Feedpress.me
CVE-2025-38692 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
Epik, the Far-Right's Favorite Web Host, Has a Shadowy New Owner - A technology company that has been essential in keeping far-right and extremist websites online was acquired last year by a firm that operates an empire of shell companies across the United States, according to people familiar with the deal. Epik.com ...
1 year ago Wired.com
Security Concerns Shadow Vibe Coding Adoption - The adoption of Vibe coding, a new programming approach, is raising significant security concerns within the application security community. As organizations increasingly integrate Vibe coding into their development processes, experts warn about ...
1 month ago Darkreading.com
Slow Pisces Hackers Attacking Developers With Coding Challenges & Python Malware - Security experts recommend developers implement strict code execution policies, employ isolated development environments, and exercise caution when running code from external sources, even when it appears to come from legitimate coding platforms or ...
7 months ago Cybersecuritynews.com
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com
OpenAI releases big upgrade for ChatGPT Codex for agentic coding - OpenAI has launched a significant upgrade to its ChatGPT Codex, enhancing its capabilities for agentic coding. This upgrade aims to improve the AI's ability to autonomously write, debug, and optimize code, making it a powerful tool for developers and ...
3 months ago Bleepingcomputer.com
AI models can be weaponized to hack websites on their own - AI models, the subject of ongoing safety concerns about harmful and biased output, pose a risk beyond content emission. When wedded with tools that enable automated interaction with other systems, they can act on their own as malicious agents. ...
1 year ago Go.theregister.com
Microsoft Unveils New Security Copilot Agents & Protections for AI - The Alert Triage Agents in Microsoft Purview prioritize data loss prevention and insider risk incidents, while the Conditional Access Optimization Agent in Microsoft Entra identifies security gaps in identity protection policies. Additional Microsoft ...
8 months ago Cybersecuritynews.com
OpenAI's new GPT-5 Codex model takes on Claude Code - OpenAI has introduced its latest AI model, GPT-5 Codex, designed to compete directly with Anthropic's Claude Code. This new model represents a significant advancement in AI coding assistants, aiming to enhance developer productivity and code ...
2 months ago Bleepingcomputer.com
Microsoft open-sources VS Code Copilot Chat extension on GitHub - GitHub Copilot Chat is an AI assistant extension for VS Code, allowing developers to chat with a GPT4-based model inside the editor to get help with coding tasks. With the Copilot Chat extension now publicly available on GitHub, developers are ...
5 months ago Bleepingcomputer.com
Key Breakthroughs from RSA Conference 2025 - Day 1 - Sumo Logic unveiled intelligent security operations with capabilities like detection-as-code (bringing DevSecOps to threat detection), UEBA historical baselining (improving accuracy by learning behavior over time), multiple threat intelligence feeds, ...
7 months ago Cybersecuritynews.com
Grok 4 benchmark results: Tops math, ranks second in coding - Gemini 2.5 Pro and Claude still remain the best models for coding, but that might change when xAI ships Grok 4 Code in August. Grok 4 is a huge leap from Grok 3, but how good is it compared to other models in the market, such as Gemini 2.5 Pro? We ...
4 months ago Bleepingcomputer.com
Argument Injection Vulnerability in AI Agents: Risks and Mitigations - The article discusses a critical security flaw known as the Argument Injection Vulnerability affecting AI agents. This vulnerability allows attackers to manipulate the input arguments of AI systems, potentially leading to unauthorized command ...
1 month ago Cybersecuritynews.com
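The argument-injection item above names the flaw class: an agent's tool call reaches a real program's option parser, so a value that begins with "-" is read as an option even when no shell is involved. The block below is an added example, not code from the article or from any agent framework; the tool names, flag allowlists, regexes and sample tool calls are constructed. It shows the usual vulnerable harness pattern beside a policy-checked builder that allowlists flags exactly, constrains the shape of data arguments, and uses the POSIX "--" separator where the target binary honours it.

```python
"""Argument-injection guard for an agent's shell-tool calls (added example).

Tool names, flag allowlists and positional-argument shapes below are hypothetical
policy for this illustration, not any framework's real configuration.
"""
import re
import subprocess
from typing import Dict, List, Sequence


class ArgumentInjection(ValueError):
    """Raised when an agent-supplied argument would reach the program as an option."""


# Per-tool policy. `flags`: the only options the agent may pass, matched exactly, so a
# value such as "--include=*.env" cannot ride in on a permitted prefix.
# `end_of_options`: whether the binary honours "--" (after it every element is data).
# `positional_re`: permitted shape of each data argument (fullmatch).
TOOL_POLICY: Dict[str, dict] = {
    "grep": {"argv0": ["grep"], "flags": {"-n", "-i", "-r", "-l"},
             "end_of_options": True, "positional_re": r"[^\x00-\x1f]{1,200}"},
    # `git log -- x` treats x as a pathspec, not a ref, so "--" cannot protect a ref;
    # refs are constrained by shape instead and may never start with "-".
    "git-log": {"argv0": ["git", "log"], "flags": {"-1", "-5", "--oneline", "--stat"},
                "end_of_options": False,
                "positional_re": r"[A-Za-z0-9][A-Za-z0-9._/-]{0,100}"},
}


def build_argv_vulnerable(tool: str, agent_args: Sequence[str]) -> List[str]:
    """The common harness pattern: shell=False, so shell metacharacters are inert, but
    each list element still goes to the program's own option parser. With git log,
    an element "--output=/tmp/x" becomes a file write; with GNU tar,
    "--checkpoint-action=exec=..." or with find "-exec" becomes code execution."""
    return [tool] + list(agent_args)


def build_argv(tool: str, flags: Sequence[str], positionals: Sequence[str]) -> List[str]:
    """Build argv from a structured tool call; flags and data are kept in separate slots."""
    policy = TOOL_POLICY.get(tool)
    if policy is None:
        raise ArgumentInjection(f"tool not allowed: {tool!r}")
    argv = list(policy["argv0"])
    for f in flags:
        if f not in policy["flags"]:
            raise ArgumentInjection(f"flag not allowed for {tool}: {f!r}")
        argv.append(f)
    shape = re.compile(policy["positional_re"])
    for p in positionals:
        if p.startswith("-") and not policy["end_of_options"]:
            raise ArgumentInjection(f"option-like value in data position: {p!r}")
        if not shape.fullmatch(p):
            raise ArgumentInjection(f"malformed data argument for {tool}: {p!r}")
    if policy["end_of_options"]:
        argv.append("--")   # everything after this is data to the program
    argv.extend(positionals)
    return argv


def is_rejected(tool: str, flags: Sequence[str], positionals: Sequence[str]) -> bool:
    try:
        build_argv(tool, flags, positionals)
        return False
    except ArgumentInjection:
        return True


def run_tool(tool: str, flags: Sequence[str], positionals: Sequence[str],
             cwd: str = None) -> subprocess.CompletedProcess:
    """Execute a policy-checked call. Never shell=True: the guard is about the program's
    option parser, and a shell would add a second parser to defend against."""
    argv = build_argv(tool, flags, positionals)
    return subprocess.run(argv, cwd=cwd, capture_output=True, text=True,
                          timeout=30, check=False)


if __name__ == "__main__":
    # Constructed tool calls as an agent, or a prompt-injected agent, might emit them.
    print(build_argv_vulnerable("git", ["log", "--output=/tmp/pwned", "main"]))
    print(build_argv("grep", ["-n"], ["-rf", "src"]))   # pattern "-rf" is safe after "--"
    for call in (("git-log", [], ["--output=/tmp/pwned"]),
                 ("grep", ["-r", "--include=*.env"], ["AKIA", "."]),
                 ("bash", [], ["-c", "id"])):
        print(call, "rejected" if is_rejected(*call) else "allowed")
```

The design choice worth noting is that the agent's call is structured (tool, flags, data) rather than a free-form argv list: the harness, not the model, decides which slot each string lands in, so a deceptive value in the data slot can at worst be an odd search pattern. Extend `TOOL_POLICY` per binary, and check each target's documentation for whether "--" is honoured before setting `end_of_options`.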
CVE-2022-49993 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
5 Essential Programming Languages for Cybersecurity Pros - Coding is an essential skill across almost every technological discipline today, and cybersecurity is no exception. Cybersecurity professionals must understand coding concepts in order to correctly interpret the activity of malicious actors on their ...
1 year ago Techtarget.com
Zero Trust has a blind spot: your AI agents - Zero Trust security models are widely adopted to protect organizations from cyber threats by verifying every access request as though it originates from an open network. However, a critical blind spot has emerged with the rise of AI agents operating ...
1 month ago Bleepingcomputer.com