Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
ZDNet

Mozilla to Firefox users: Here's how we're protecting you from code injection attacks

That hardening work has focused on removing "potentially dangerous artifacts" in the Firefox codebase, including inline scripts and eval()-like functions, according to Mozilla's content security lead ...