Skip to main content

Tag: prompt injection

58 articles

Laptop on a minimalist desk with a subtle robot in the background.

OpenAI Bolsters GPT-5.6 with Automated Red-Teaming Model

OpenAI just unveiled GPT-Red, an automated red-teaming model that's a game-changer in detecting prompt injection attacks, helping to shield its GPT models from vulnerabilities. By mimicking human red-teaming tactics, GPT-Red identifies and feeds back crucial insights to strengthen model defenses before they go live.

Analyst 207
Developer workstation with coding interface on laptop amidst office surroundings.

AI Coding Assistants Exposed to HalluSquatting Botnet Attack

Researchers have uncovered a sneaky new attack method called HalluSquatting that targets AI coding assistants, exploiting their tendency to invent names and run code with minimal human oversight. This clever tactic chains together AI behaviors like hallucination and prompt injection to deliver malware efficiently.

Analyst 207
Person working on laptop in modern office setting with GitHub pages on screens.

GitHub AI Agent Exposes Private Repos to Malicious Prompts

A shocking vulnerability in GitHub's AI-powered Agentic Workflows has been discovered, allowing attackers to expose private repositories with just a cleverly crafted issue and some plain English instructions - no coding skills or credentials required. This flaw lets hackers fetch and publicly share sensitive files, putting organizations at risk.

Analyst 207
GitHub issue page on laptop with public repository and subtle hint of private content exposure.

GitHub Agentic Workflows Exposed to Data Leak Threat via Public Issues

GitHub's Agentic Workflows are vulnerable to a data leak threat, as researchers have demonstrated a clever technique called GitLost that tricks AI agents into spilling private content from secure repositories into public comments. All it takes is a simple public issue to launch the attack, with no stolen credentials or special access required.

Analyst 207
Person interacting with laptop in modern workspace with blurred background.

BioShocking Attack Exploits AI Browsers for Data Theft

Researchers have uncovered a chilling new attack, dubbed BioShocking, that exploits AI browsers to steal sensitive data by cleverly tricking them into treating real actions as fictional. This ingenious technique uses a simple game to condition AI agents into accepting fake actions as valid, putting even the most secure systems at risk.

Analyst 207
Researchers working on a laptop in a clean-room setting surrounded by diagrams and notes.

Researchers Expose Lethal Flaw in AI Model Security

Researchers have uncovered a shocking vulnerability in AI model security, revealing that a simple formatting trick used to separate system instructions from user requests has become a critical weakness. This flaw, known as role confusion, threatens the very foundation of modern AI systems.

Analyst 207
Dimly lit workspace with laptop screen showing system failure messages, surrounded by clutter and blurred office background.

Gaslight Malware Exposes AI-Assisted Analysis Limits

Meet Gaslight, a sneaky new macOS malware that uses fake system-failure messages to trick AI-powered analysis tools into doubting themselves. Created by North Korea-aligned threat actors, this Rust-based implant is a clever and concerning threat to cybersecurity.

Analyst 207
Researcher standing in front of computer screen with abstract notes in a modern lab setting.

OWASP Researcher Warns of Unsolved Prompt Injection Risk in AI Development

Ariel Fogel, an AI security researcher, warns that organizations are rapidly deploying AI agents without proper governance, leaving a critical vulnerability - prompt injection - unsolved. This architectural flaw in large language models allows inputs to be processed as a single token sequence, with no reliable way to enforce privilege boundaries.

Analyst 207
Person typing on laptop keyboard in modern office setting with blurred screen.

AI Exploits Emerge as New Security Threat

As AI use grows, a hidden risk is emerging: malicious inputs can alter model behavior, bypassing safeguards and putting enterprises at risk. This "prompt injection" tactic is like phishing, targeting the link between user and system to wreak havoc.

Analyst 207
Cluttered office workspace with computer and browser on desk, cityscape outside window.

Researchers Expose AI Agents to Malicious Prompt Injection Payloads

Imagine a browser AI that can summarize web pages, but with a hidden vulnerability that allows malicious instructions to be embedded and executed - a newly discovered threat that security researchers are warning deserves our attention. Forcepoint researchers have uncovered 10 real-world examples of indirect prompt injection payloads designed to subvert AI agents and wreak havoc.

Analyst 207
A hovering laptop screen glows amidst scattered code and cables, surrounded by swirling particles, with shattered circuit…

Google's Antigravity AI Flaw Exposes Remote Code Risk

Google's top-of-the-line Antigravity AI safeguard can be surprisingly easily tricked into letting its guard down, leaving the door open for attackers to execute remote code. Even with its highest security setting, the AI agent manager's weaknesses can be exploited, putting users at risk.

Analyst 207
Person in hoodie sits at laptop with chatbot interface, surrounded by papers and shadowy figures, hinting at cyber threat.

GitHub AI Agents Exposed to Credential Theft via Prompt Injection

Security researchers have uncovered a shocking vulnerability in popular GitHub AI agents, demonstrating how a simple prompt injection technique can be exploited to steal sensitive credentials, leaving users alarmingly exposed. The findings highlight a disturbing lack of transparency from vendors, putting automation and service access at risk.

Analyst 207
Cracked smartphone lies near padlocked gate with subtle crack, in front of modern tech HQ at dusk.

Apple Intelligence Exposed to Hijacking Risk via Prompt Injection

Security researchers have discovered a vulnerability in Apple Intelligence, allowing hackers to manipulate the AI system into producing malicious output, including profanity, through a technique called prompt injection. This raises serious concerns about user safety and the effectiveness of current security safeguards.

Analyst 207
Large ominous robot with cracked facade surrounded by swarming autonomous agents.

Unit 42 Research Exposes Risks in Amazon Bedrock's Multi-Agent AI Systems

Unit 42's latest research reveals a hidden threat: multi-agent AI systems on Amazon Bedrock can be vulnerable to new and alarming risks, including prompt injection attacks that practitioners can't afford to ignore. Learn how to safeguard your AI applications from these emerging threats.

Analyst 207
Manipulating AI Summarization Features Exclusive Risks

Manipulating AI Summarization Features Exclusive Risks

Imagine a Summarize with AI button that not only summarizes text but slips a secret note into the assistant’s memory—nudging it to favor certain companies or viewpoints later. Researchers found dozens of live examples, a simple tactic that could quietly bias advice on money, health, and security without users even noticing.

Analyst 207
Chrome Gemini panel Exclusive: Dangerous Extension Risk

Chrome Gemini panel Exclusive: Dangerous Extension Risk

If convenience opens a door, who will walk through it? A high‑severity bug let malicious extensions hijack Chrome’s Gemini Live panel and inherit dangerous privileges — now patched, but a clear warning that AI features are reshaping the browser threat model.

Analyst 207
The Promptware Kill Chain: Exclusive Critical Risk Guide

The Promptware Kill Chain: Exclusive Critical Risk Guide

What if a stray calendar event or shared doc could become a command to your AI? This guide reveals the promptware kill chain—how attackers weaponize language to steal data, gain persistence, and trigger unauthorized actions, and what you can do to defend against it.

Analyst 207
Prompt Injection Via Road Signs: Exclusive Dangerous Threat

Prompt Injection Via Road Signs: Exclusive Dangerous Threat

Imagine a weathered roadside sign quietly telling a self-driving car to stop on a busy highway — that’s the real and rising threat of prompt injection, where attackers hide natural-language commands in stickers, posters, or paint to hijack drones, delivery bots, and autonomous vehicles. As embodied AI fuses vision and language, these deceptive visuals become a dangerous new attack surface.

Analyst 207
AI Coding Assistants Exclusive: Alarming Exports to China

AI Coding Assistants Exclusive: Alarming Exports to China

Imagine every line of code you type being quietly copied and sent overseas — researchers now allege two popular AI coding assistants used by 1.5 million developers may be transmitting source code, environment variables and credentials to servers in China.

Analyst 207
AI Stunningly Vulnerable: Prompt Injection Crisis

AI Stunningly Vulnerable: Prompt Injection Crisis

Imagine a drive‑through customer asking you to ignore earlier instructions and hand over the cash—absurd, but that’s exactly what prompt injection can do to AI, tricking models into leaking secrets or obeying forbidden commands. As these deceptively simple attacks slip from research demos into real systems, organizations are scrambling to plug a growing and alarming security gap.

Analyst 207
Zero-Click Attack Exclusive: Alarming ChatGPT Data Theft

Zero-Click Attack Exclusive: Alarming ChatGPT Data Theft

Imagine your AI assistant quietly doing more than you asked — Radware researchers have uncovered a zero-click prompt-injection that exploits agentic ChatGPT features to make assistants act and leak data across apps with little or no user interaction. Its a wake-up call: autonomy is outpacing control.

Analyst 207
OpenAI Stunning Patchwork Exposes Worsening Prompt Risks

OpenAI Stunning Patchwork Exposes Worsening Prompt Risks

Prompt risks have moved out of the lab and into your chat window. Researchers warn that prompt injection and misused system prompts let modestly skilled attackers extract personal data from AI assistants, revealing a dangerous gap between convenience and current defenses.

Analyst 207
OpenAI Stunning Band-Aids Fail Against Prompt Injection

OpenAI Stunning Band-Aids Fail Against Prompt Injection

Turns out OpenAIs quick fixes cant fully stop prompt injection—its slipping through, and we need smarter, long-term defenses.

Analyst 207
Person in suit reaches out to touch ominous laptop screen displaying swirling code.

AI Browsers Exclusive: Security Leaders Call Risky

Before you roll out agentic browsers, pause—security leaders warn these AI-powered tools can trade productivity for stealthy new attack surfaces. With embedded models, persistent state and plugins able to act for users, CISOs are being urged to block or tightly control them until hardened safeguards arrive.

Analyst 207