{"data":{"id":"8e0c018a-d06b-4ae3-a0cc-bb64418b9ef6","title":"Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit)","summary":"Windsurf Cascade contains a create_memory tool that could enable SpAIware attacks, which are exploits allowing memory-persistent data exfiltration (stealing data by storing it in an AI's long-term memory). The key question is whether creating these memories requires human approval or happens automatically, which could determine how easily an attacker could abuse this feature.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://embracethered.com/blog/posts/2025/windsurf-spaiware-exploit-persistent-prompt-injection/","publishedAt":"2025-08-22T22:21:58.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Windsurf","Cascade","ChatGPT","OpenAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}