vibegraveyard.ai • 3h
Critical RCE and Root Privilege Escalation in Blackbox AI VS Code Extension
A critical vulnerability in the Blackbox AI VS Code extension enables remote code execution (RCE) and full host compromise via Indirect Prompt Injection (IPI). Lead researcher Ahmad Al-Salehi of ERNW demonstrated that by embedding malicious instructions within non-text files, specifically poisoned PNG images, attackers can leverage the extension's OCR processing pipeline to hijack the AI agent. The exploit allows an attacker to deploy a reverse shell and then escalate privileges to root access through 'sudo'. This vulnerability poses a severe risk to developers, because processing any attacker-controlled file can lead to complete system takeover.
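
One way to contain the chain described above, shown as an added example that is not taken from ERNW's research or from the Blackbox extension's code: record where each piece of agent context came from, and refuse host-changing tool calls while OCR-derived text is in context unless the user confirms. The tool names, origin labels and class names are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical tool names; an agent's real tool set will differ.
HIGH_RISK_TOOLS = {"run_terminal_command", "write_file"}
# Origins the user did not author. Text OCR'd from an image is one of them.
UNTRUSTED_ORIGINS = {"ocr", "file_contents", "web_fetch"}


@dataclass
class ContextItem:
    origin: str  # "user", "ocr", "file_contents", ...
    text: str


@dataclass
class AgentTurn:
    context: list = field(default_factory=list)

    def add(self, origin: str, text: str) -> None:
        self.context.append(ContextItem(origin, text))

    def taint(self) -> list:
        """Untrusted origins present in this turn's context, sorted."""
        return sorted({c.origin for c in self.context
                       if c.origin in UNTRUSTED_ORIGINS})


def authorize_tool_call(turn: AgentTurn, tool: str, user_approved: bool = False):
    """Return (allowed, reason) for a tool call the model has requested."""
    if tool not in HIGH_RISK_TOOLS:
        return True, "low-risk tool"
    taint = turn.taint()
    if not taint:
        return True, "context is user-authored only"
    if user_approved:
        return True, f"user approved despite untrusted context: {taint}"
    return False, f"blocked: untrusted content in context from {taint}"


if __name__ == "__main__":
    # Constructed sample turn: a user request plus text extracted from a PNG.
    turn = AgentTurn()
    turn.add("user", "Summarise the attached screenshot.")
    turn.add("ocr", "<text extracted from image.png>")
    print(authorize_tool_call(turn, "run_terminal_command"))
    print(authorize_tool_call(turn, "run_terminal_command", user_approved=True))
```

The decision depends only on provenance, not on what the extracted text says, so it does not rely on recognising an injection string.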