He said, “Unfortunately, due to the natural language nature of early injection, it is not enough to block them using classifier or any kind of blacklisting,” he said Their report“There are many ways to write them, hiding them behind gentle subjects, using separate fencing, tone, languages, etc., as we do not consider malware to be certain because another sample has made it in a denial list, the same is right for quick injection.”
Kirsa Kurser Coding Assistant through JIRA ticket
As part of the same research effort, Zenity also examined the cursor, one of the most popular AI-Assisted Code Editors and IDE. Cursor can integrate with several third-party equipment, including cumin, which is one of the most popular project management platforms used to release.
“You can ask the cursor to look at your prescribed tickets, summarize open issues, and even turn off the tickets or answer automatically, all from within your editor. It feels great, isn’t it?” Researchers said. “But tickets are not always made by developers. In many companies, tickets for external systems such as Zendesk are automatically sinking in JIRA. This means that an external actor can send an email to a Zendesk-connected support address and inject incredible input in agent’s workflow.”
