From: Embrace The Red
GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773) · Embrace The Red
https://embracethered.com/blog/posts/2025/github-copilot-remote-code-execution-via-prompt-injection/
An attacker can put GitHub Copilot into YOLO mode by modifying the project's settings.json file on the fly, and then execute commands, all without user approval.