CEO & Founder, Knostic. CISO-in-Residence for AI, Cloud Security Alliance. Founder @Cymmetria (acquired). Scifi geek, dance teacher. Opinions my own.
30,000 feet (road warrior)
Joined July 2008
- Tweets 15,248
- Following 2,070
- Followers 5,521
- Likes 8,528
Pinned Tweet
No breach has been observed, and we are fully compliant with government regulations and industry standards
Gadi Evron retweeted
"I was a former Red Teamer" is the equivalent of "I used to be a Navy SEAL... back in Call of Duty." #badjoke
Gadi Evron retweeted
“Vibe coding is safe and production ready”, AI “experts” say.
Vibe coding: “hold my beer”
I just got this from 5 different people. It’s claimed to be an open source xbow. Go try auto-pentest your apps. Security open source startups are back!
Go @Strix
github.com/usestrix/strix
It’s fascinating to watch how someone writes an opinion piece on a topic, say “the collapse of OpenAI”, only for two thousand others to release influencer posts on it the next two weeks as fact.
Nano-particle vaccine stops cancer in mice. We live in the future.
Article:
sciencedaily.com/releases/20…
Paper:
cell.com/cell-reports-medici…
Ransomware has appeared in the VS Marketplace and makes me worry. Clearly created through AI, it makes many mistakes like including decryption tools in extension. If this makes it into the marketplace through, what impact would anything more sophisticated cause?
secureannex.com/blog/ransomv…
Knostic protects developers and AI coding agents against attacks such as these. Learn more: knostic.ai/ai-coding-securit…
MCP servers, extensions, and even simple prompts and rules introduce third-party risks that push the CI/CD boundaries and extend the organizational perimeter to the developer’s workstation.
From a security program management perspective, AI coding assistants also increase the range of supply chain threats organizations must tackle.
Impact:
- Interpreter-level execution can directly call the file system and native APIs
- An attacker can inject JavaScript into the running IDE, fully controlling the UI.
We demonstrate how an attacker can:
- Gain full file-system access
- Modify or replace installed extensions
- Persist code that reattaches after restart.
Our purpose is to deep dive into these attacks, understand why they continue to work, and suggest defensive approaches. Especially when it comes to cyber defense and AppSec (aside for Knostic wink wink), the industry doesn’t yet have capabilities in this realm.
While we’re releasing a PoC, and it may even be unique, we’ve seen this kind of attack many times this past year alone.
A JavaScript injection attack on Cursor, facilitated by a malicious extension, can take over the IDE and the developer workstation.🧵🧵knostic.ai/blog/demonstratin…
Holy wow Batman. We live in the future. I try and stay up to date, but it’s not trivial. Have you seen any recent development that stopped you cold?
popularmechanics.com/science…
Gadi Evron retweeted
LinkedIn post by @gadievron about an ongoing attack campaign targeting AI coding agents such as Cursor and Windsurf, through extensions in the Open VSX marketplace
linkedin.com/posts/gadievron…
If you want the original research...
secureannex.com/blog/sleepyd…