Tag: prompt injection
58 articles

OpenAI Bolsters GPT-5.6 with Automated Red-Teaming Model
OpenAI just unveiled GPT-Red, an automated red-teaming model that's a game-changer in detecting prompt injection attacks, helping to shield its GPT models from vulnerabilities. By mimicking human red-teaming tactics, GPT-Red identifies and feeds back crucial insights to strengthen model defenses before they go live.

AI Coding Assistants Exposed to HalluSquatting Botnet Attack
Researchers have uncovered a sneaky new attack method called HalluSquatting that targets AI coding assistants, exploiting their tendency to invent names and run code with minimal human oversight. This clever tactic chains together AI behaviors like hallucination and prompt injection to deliver malware efficiently.

GitHub AI Agent Exposes Private Repos to Malicious Prompts
A shocking vulnerability in GitHub's AI-powered Agentic Workflows has been discovered, allowing attackers to expose private repositories with just a cleverly crafted issue and some plain English instructions - no coding skills or credentials required. This flaw lets hackers fetch and publicly share sensitive files, putting organizations at risk.

GitHub Agentic Workflows Exposed to Data Leak Threat via Public Issues
GitHub's Agentic Workflows are vulnerable to a data leak threat, as researchers have demonstrated a clever technique called GitLost that tricks AI agents into spilling private content from secure repositories into public comments. All it takes is a simple public issue to launch the attack, with no stolen credentials or special access required.

BioShocking Attack Exploits AI Browsers for Data Theft
Researchers have uncovered a chilling new attack, dubbed BioShocking, that exploits AI browsers to steal sensitive data by cleverly tricking them into treating real actions as fictional. This ingenious technique uses a simple game to condition AI agents into accepting fake actions as valid, putting even the most secure systems at risk.

Researchers Expose Lethal Flaw in AI Model Security
Researchers have uncovered a shocking vulnerability in AI model security, revealing that a simple formatting trick used to separate system instructions from user requests has become a critical weakness. This flaw, known as role confusion, threatens the very foundation of modern AI systems.

Gaslight Malware Exposes AI-Assisted Analysis Limits
Meet Gaslight, a sneaky new macOS malware that uses fake system-failure messages to trick AI-powered analysis tools into doubting themselves. Created by North Korea-aligned threat actors, this Rust-based implant is a clever and concerning threat to cybersecurity.

OWASP Researcher Warns of Unsolved Prompt Injection Risk in AI Development
Ariel Fogel, an AI security researcher, warns that organizations are rapidly deploying AI agents without proper governance, leaving a critical vulnerability - prompt injection - unsolved. This architectural flaw in large language models allows inputs to be processed as a single token sequence, with no reliable way to enforce privilege boundaries.

AI Exploits Emerge as New Security Threat
As AI use grows, a hidden risk is emerging: malicious inputs can alter model behavior, bypassing safeguards and putting enterprises at risk. This "prompt injection" tactic is like phishing, targeting the link between user and system to wreak havoc.

Researchers Expose AI Agents to Malicious Prompt Injection Payloads
Imagine a browser AI that can summarize web pages, but with a hidden vulnerability that allows malicious instructions to be embedded and executed - a newly discovered threat that security researchers are warning deserves our attention. Forcepoint researchers have uncovered 10 real-world examples of indirect prompt injection payloads designed to subvert AI agents and wreak havoc.

Google's Antigravity AI Flaw Exposes Remote Code Risk
Google's top-of-the-line Antigravity AI safeguard can be surprisingly easily tricked into letting its guard down, leaving the door open for attackers to execute remote code. Even with its highest security setting, the AI agent manager's weaknesses can be exploited, putting users at risk.

GitHub AI Agents Exposed to Credential Theft via Prompt Injection
Security researchers have uncovered a shocking vulnerability in popular GitHub AI agents, demonstrating how a simple prompt injection technique can be exploited to steal sensitive credentials, leaving users alarmingly exposed. The findings highlight a disturbing lack of transparency from vendors, putting automation and service access at risk.

Apple Intelligence Exposed to Hijacking Risk via Prompt Injection
Security researchers have discovered a vulnerability in Apple Intelligence, allowing hackers to manipulate the AI system into producing malicious output, including profanity, through a technique called prompt injection. This raises serious concerns about user safety and the effectiveness of current security safeguards.

Unit 42 Research Exposes Risks in Amazon Bedrock's Multi-Agent AI Systems
Unit 42's latest research reveals a hidden threat: multi-agent AI systems on Amazon Bedrock can be vulnerable to new and alarming risks, including prompt injection attacks that practitioners can't afford to ignore. Learn how to safeguard your AI applications from these emerging threats.

Manipulating AI Summarization Features Exclusive Risks
Imagine a Summarize with AI button that not only summarizes text but slips a secret note into the assistant’s memory—nudging it to favor certain companies or viewpoints later. Researchers found dozens of live examples, a simple tactic that could quietly bias advice on money, health, and security without users even noticing.

Chrome Gemini panel Exclusive: Dangerous Extension Risk
If convenience opens a door, who will walk through it? A high‑severity bug let malicious extensions hijack Chrome’s Gemini Live panel and inherit dangerous privileges — now patched, but a clear warning that AI features are reshaping the browser threat model.

The Promptware Kill Chain: Exclusive Critical Risk Guide
What if a stray calendar event or shared doc could become a command to your AI? This guide reveals the promptware kill chain—how attackers weaponize language to steal data, gain persistence, and trigger unauthorized actions, and what you can do to defend against it.

Prompt Injection Via Road Signs: Exclusive Dangerous Threat
Imagine a weathered roadside sign quietly telling a self-driving car to stop on a busy highway — that’s the real and rising threat of prompt injection, where attackers hide natural-language commands in stickers, posters, or paint to hijack drones, delivery bots, and autonomous vehicles. As embodied AI fuses vision and language, these deceptive visuals become a dangerous new attack surface.

AI Coding Assistants Exclusive: Alarming Exports to China
Imagine every line of code you type being quietly copied and sent overseas — researchers now allege two popular AI coding assistants used by 1.5 million developers may be transmitting source code, environment variables and credentials to servers in China.

AI Stunningly Vulnerable: Prompt Injection Crisis
Imagine a drive‑through customer asking you to ignore earlier instructions and hand over the cash—absurd, but that’s exactly what prompt injection can do to AI, tricking models into leaking secrets or obeying forbidden commands. As these deceptively simple attacks slip from research demos into real systems, organizations are scrambling to plug a growing and alarming security gap.

Zero-Click Attack Exclusive: Alarming ChatGPT Data Theft
Imagine your AI assistant quietly doing more than you asked — Radware researchers have uncovered a zero-click prompt-injection that exploits agentic ChatGPT features to make assistants act and leak data across apps with little or no user interaction. Its a wake-up call: autonomy is outpacing control.

OpenAI Stunning Patchwork Exposes Worsening Prompt Risks
Prompt risks have moved out of the lab and into your chat window. Researchers warn that prompt injection and misused system prompts let modestly skilled attackers extract personal data from AI assistants, revealing a dangerous gap between convenience and current defenses.

OpenAI Stunning Band-Aids Fail Against Prompt Injection
Turns out OpenAIs quick fixes cant fully stop prompt injection—its slipping through, and we need smarter, long-term defenses.

AI Browsers Exclusive: Security Leaders Call Risky
Before you roll out agentic browsers, pause—security leaders warn these AI-powered tools can trade productivity for stealthy new attack surfaces. With embedded models, persistent state and plugins able to act for users, CISOs are being urged to block or tightly control them until hardened safeguards arrive.