DigiNews

Tech Watch by Johan Denoyer

← Back to articles

Snowflake Cortex AI Escapes Sandbox and Executes Malware

Quality: 8/10 Relevance: 9/10

Summary

The article details a vulnerability in Snowflake Cortex Code CLI that enables indirect prompt injection to bypass human-in-the-loop approvals and escape the sandbox. It walks through the attack chain, potential impacts such as data exfiltration and unauthorized SQL activity, and Snowflake's remediation with Cortex Code CLI 1.0.25 released February 28, 2026, plus the responsible disclosure timeline.

🚀 Service construit par Johan Denoyer