{"data":{"id":"4c9f6da1-a12d-41ad-ac52-9b0bef55ed52","title":"OpenHands and the Lethal Trifecta: How Prompt Injection Can Leak Access Tokens","summary":"OpenHands, an AI agent tool created by All-Hands AI, has a vulnerability where it can render images in chat conversations, which attackers can exploit through prompt injection (tricking an AI by hiding instructions in its input) to leak access tokens (security credentials that grant permission to use services) without requiring user interaction. This type of attack has been called the 'Lethal Trifecta' and represents a significant data exfiltration (unauthorized data theft) risk.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://embracethered.com/blog/posts/2025/openhands-the-lethal-trifecta-strikes-again/","publishedAt":"2025-08-09T10:00:58.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["OpenHands","All-Hands AI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}