This article organizes how AI becomes both a target of attacks and a weapon for attackers: it covers the techniques and defenses from the MINJA, InjecMEM, and ToxicSkills campaigns that poison AI agents’ memory files, and the fact that GPT-5.3-Codex achieved a 72% exploit success rate on EVMbench, released by OpenAI and Paradigm.
This article explains how Cline’s issue‑triage bot was exploited via a three‑step chain of prompt injection, cache poisoning, and credential commingling, leading to an unauthorized package release that potentially affected about five million users.
A breakdown of how Notepad++'s WinGUp updater was hijacked through a hosting provider compromise and used to serve malicious binaries to selected users.