Security researchers have discovered a severe vulnerability in GitHub Copilot and Visual Studio Code that enables attackers to achieve remote code execution on developer machines through sophisticated prompt injection techniques.
The flaw, designated as CVE-2025-53773, allows malicious actors to manipulate the AI assistant into modifying critical configuration files, effectively compromising entire development environments.
https://cyberpress.org/windows-rds-flaw/