THREATOPS
THREAT OPSThreat News › GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)

GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)

lowembracetheredPublished 2025-08-12

<a id="top_ref"></a>

<p>This post is about an important, but also scary, prompt injection discovery that leads to full system compromise of the developer&rsquo;s machine in <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53773">GitHub Copilot and VS Code</a>.</p> <p><strong>It is achieved by placing Copilot into YOLO mode by modifying the project’s <code>settings.json</cod

Indicators of compromise

Original source: https://embracethered.com/blog/posts/2025/github-copilot-remote-code-execution-via-prompt-injection/