Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
06 December 2025
Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution.
The security shortcomings have been collectively named IDEsaster by security researcher Ari Marzouk (MaccariTA). They affect popular