THREAT OPS › Threat News › Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
<a id="top_ref"></a>
<p>This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called <a href="https://windsurf.com/cascade">Windsurf Cascade</a>.</p> <p>The attack vectors we will explore today allow an adversary during an indirect prompt injection to exfiltrate data from the develope
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- https://windsurf.com/cascadeurl
- https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/url
- https://techcrunch.com/2025/07/11/windsurfs-ceo-goes-to-google-openais-acquisition-falls-apart/url