prompt injection

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

2026-04-27 at 20:43, by Eduard Kovacs. The tech giant found that many indirect prompt injection attempts are harmless, but some malicious exploits have also been identified. Appeared first on SecurityWeek.

Indirect prompt injection is taking hold in the wild

2026-04-24 at 23:26, by Zeljka Zorz. The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves hiding (more or less) covert instructions inside ordinary web pages, waiting for an AI agent […]

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

2026-04-16 at 12:11, by Eduard Kovacs. A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’. Appeared first on SecurityWeek.

OpenAI Launches Bug Bounty Program for Abuse and Safety Risks

2026-03-27 at 15:33, by Ionut Arghire. Through the new program, OpenAI will reward reports covering design or implementation issues leading to material harm. Appeared first on SecurityWeek.

Microsoft details AI prompt abuse techniques targeting AI assistants

2026-03-24 at 14:02, by Anamarija Pogorelec. Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in safety instructions. Prompt injection is also recognized as one of the top risks in the 2025 […]

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

2026-02-24 at 14:26, by Ionut Arghire. Attackers can inject malicious instructions in a GitHub Issue that are automatically processed by Copilot when launching a Codespace from that issue. Appeared first on SecurityWeek.

Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data

2025-12-10 at 15:18, by Eduard Kovacs. GeminiJack is a zero-click Gemini attack that could have been exploited using specially crafted emails, calendar invites, or documents. Appeared first on SecurityWeek.

Google Fortifies Chrome Agentic AI Against Indirect Prompt Injection Attacks

2025-12-08 at 20:02, by Ionut Arghire. Chrome’s new agentic browsing protections include a user alignment critic, expanded origin-isolation capabilities, and user confirmations. Appeared first on SecurityWeek.

DeepTeam: Open-source LLM red teaming framework

2025-11-26 at 07:37, by Sinisa Markovic. Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an open-source framework built to probe these systems before they reach users, and it takes […]

How attackers use patience to push past AI guardrails

2025-11-18 at 08:44, by Anamarija Pogorelec. Most CISOs already assume that prompt injection is a known risk. What may come as a surprise is how quickly those risks grow once an attacker is allowed to stay in the conversation. A new study from Cisco AI Defense […]

Shadow AI: New ideas emerge to tackle an old problem in new form

2025-10-31 at 09:13, by Zeljka Zorz. Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe, […]

AI agents can leak company data through simple web searches

2025-10-29 at 10:24, by Mirko Zorz. When a company deploys an AI agent that can search the web and access internal documents, most teams assume the agent is simply working as intended. New research shows how that same setup can be used to quietly pull […]

Google Patches Gemini AI Hacks Involving Poisoned Logs, Search Results

2025-09-30 at 18:45, by Eduard Kovacs. Researchers found more methods for tricking an AI assistant into aiding sensitive data theft. Appeared first on SecurityWeek.

Salesforce AI Hack Enabled CRM Data Theft

2025-09-25 at 21:26, by Eduard Kovacs. Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak. Appeared first on SecurityWeek.

Stealthy attack serves poisoned web pages only to AI agents

2025-09-05 at 14:30, by Zeljka Zorz. AI agents can be tricked into covertly performing malicious actions by websites that are hidden from regular users’ view, JFrog AI architect Shaked Zychlinski has found. This novel approach allows attackers to inject prompts / instructions into these autonomous […]

AI Systems Vulnerable to Prompt Injection via Image Scaling Attack

2025-08-26 at 13:47, by Eduard Kovacs. Researchers show how popular AI systems can be tricked into processing malicious instructions by hiding them in images. Appeared first on SecurityWeek.

Google Gemini Tricked Into Showing Phishing Message Hidden in Email

2025-07-14 at 17:04, by Eduard Kovacs. Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. Appeared first on SecurityWeek.

Microsoft: “Hack” this LLM-powered service and get paid

2024-12-09 at 18:04, by Zeljka Zorz. Microsoft, in collaboration with the Institute of Science and Technology Australia and ETH Zurich, has announced the LLMail-Inject Challenge, a competition to test and improve defenses against prompt injection attacks. The setup and the challenge: LLMail is a simulated email client […]
