Latest in AI

Showing:agent-securityResearchersClear ×

🔥 Trending today

nvidia5 microsoft-build4 agentic-ai4 enterprise-ai4 security3 ai-assistant3 fundraising3 rtx-spark2 ai-agents2 fraud-prevention2

Topic

Release New Tool Tutorial Business Paper Benchmark Opinion Regulation

For

General Developers Designers Product Founders Marketing Researchers Students

How we contain Claude across products
Simon Willison's Weblog2d agoCommentary
Anthropic explains how process sandboxes, VMs, filesystem boundaries, and egress controls limit what Claude agents can access. Claude.ai uses gVisor; local Claude Code uses Seatbelt on macOS and Bubblewrap on Linux; Cowork runs in a full VM. Simon Willison highlights the documentation quality, notes a previously missed file-exfiltration path, and plans to revisit Anthropic's open-source srt tool.
Microsoft Copilot Cowork Exfiltrates Files★ 76
Simon Willison's Weblog7d agoIncident
Simon Willison summarizes a PromptArmor report about Microsoft Copilot Cowork and agentic data exfiltration risks. The issue involved agents sending messages to a user’s own inbox without approval, where rendered external images could trigger requests to attacker-controlled sites. Because OneDrive can create pre-authenticated download links, a successful prompt injection could leak links that allow attackers to download files.