#prompt-injection

[ follow ]
fromTheregister
1 day ago

Sneaky Mermaid attack in Microsoft 365 Copilot steals data

As a proof of concept, Logue asked M365 Copilot to summarize a specially crafted financial report document with an indirect prompt injection payload hidden in the seeming innocuous "summarize this document" prompt. The payload uses M365 Copilot's search_enterprise_emails tool to fetch the user's recent emails, and instructs the AI assistant to generate a bulleted list of the fetched contents, hex encode the output, and split up the string of hex-encoded output into multiple lines containing up to 30 characters per line.
Information security
Information security
fromFuturism
1 day ago

OpenAI's New AI Browser Is Already Falling Victim to Prompt Injection Attacks

AI-powered browsers with autonomous agent modes are vulnerable to indirect prompt injection, enabling hidden instructions that can cause AIs to perform harmful actions.
#ai-browsers
fromZDNET
1 day ago
Artificial intelligence

Are AI browsers worth the security risk? Why experts are worried

fromZDNET
1 day ago
Artificial intelligence

Are AI browsers worth the security risk? Why experts are worried

#ai-security
fromMedium
1 week ago
Artificial intelligence

From Red Teaming to Real Protection: Building Enterprise AI Security for the Agentic Era

Privacy technologies
fromZDNET
2 months ago

Researchers used Gemini to break into Google Home - here's how

Researchers demonstrated a hack of Google Home devices via the Gemini AI model, utilizing a prompt injection attack via Google Calendar invites.
fromMedium
1 week ago
Artificial intelligence

From Red Teaming to Real Protection: Building Enterprise AI Security for the Agentic Era

#ai-browser
fromFortune
3 days ago
Information security

Experts warn OpenAI's ChatGPT Atlas has security vulnerabilities that could turn it against users-revealing sensitive data, downloading malware, and worse | Fortune

fromFuturism
2 months ago
Information security

Using an AI Browser Lets Hackers Drain Your Bank Account Just by Showing You a Public Reddit Post

fromFortune
3 days ago
Information security

Experts warn OpenAI's ChatGPT Atlas has security vulnerabilities that could turn it against users-revealing sensitive data, downloading malware, and worse | Fortune

fromFuturism
2 months ago
Information security

Using an AI Browser Lets Hackers Drain Your Bank Account Just by Showing You a Public Reddit Post

Artificial intelligence
fromFast Company
2 weeks ago

Sweet revenge! How a job candidate used a flan recipe to expose an AI recruiter

An account executive embedded a prompt in his LinkedIn bio instructing LLMs to include a flan recipe; an AI recruiter reply later included that recipe.
Artificial intelligence
fromSecurityWeek
2 weeks ago

Will AI-SPM Become the Standard Security Layer for Safe AI Adoption?

AI security posture management continuously detects, evaluates, and remediates AI and LLM security and compliance risks, enabling transparent, governed, and policy-aligned AI use.
fromTheregister
2 weeks ago

Google declares AI bug hunting season open

Google on Monday rolled out a new AI Vulnerability Reward Program to encourage researchers to find and report flaws in its AI systems, with rewards of up to $30,000 for a single qualifying report. In addition to a base reward of up to $20,000 for the highest-tier AI product flaw, Google adopted the same report multipliers, influenced by vulnerability reporting quality, as it uses for its traditional security Vulnerability Reward Program (VRP).
Artificial intelligence
Artificial intelligence
fromThe Verge
2 weeks ago

Google's AI bounty program pays bug hunters up to $30K

Google launched an AI bug bounty focused on rogue actions and data-exfiltration in AI products, offering rewards (including $20,000) for qualifying reports.
Information security
fromThe Hacker News
3 weeks ago

CometJacking: One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief

CometJacking uses a malicious URL to instruct Perplexity's Comet AI browser to exfiltrate connected-service data (email, calendar) via obfuscated prompts.
Information security
fromThe Hacker News
3 weeks ago

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Three now-patched vulnerabilities in Google's Gemini AI could have allowed prompt and search-injection attacks and user data exfiltration across cloud services and browsing tools.
#agentic-ai
fromZDNET
2 months ago
Information security

Perplexity's Comet AI browser could expose your data to attackers - here's how

fromZDNET
2 months ago
Information security

Perplexity's Comet AI browser could expose your data to attackers - here's how

#salesforce-agentforce
Information security
fromDataBreaches.Net
1 month ago

Salesforce AI Hack Enabled CRM Data Theft - DataBreaches.Net

Prompt injection and an expired domain enabled a ForcedLeak attack that could steal data from Salesforce Agentforce via its Web-to-Lead feature.
fromThe Hacker News
1 month ago

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means of an indirect prompt injection. The vulnerability has been codenamed ForcedLeak (CVSS score: 9.4) by Noma Security, which discovered and reported the problem on July 28, 2025. It impacts any organization using Salesforce Agentforce with the Web-to-Lead functionality enabled.
Information security
Information security
fromTheregister
1 month ago

Deepfaked calls hit 44% of businesses in last year: Gartner

AI-generated deepfakes and prompt-injection attacks targeted staff, with audio and video deepfakes causing operational and financial losses and evading detection.
fromZDNET
1 month ago

How researchers tricked ChatGPT into sharing sensitive email data

While AI agents show promise in bringing AI assistance to the next level by carrying out tasks for users, that autonomy also unleashes a whole new set of risks. Cybersecurity company Radware, as by The Verge, decided to test OpenAI's Deep Research agent for those risks -- and the results were alarming. Also: OpenAI's Deep Research has more fact-finding stamina than you, but it's still wrong half the time
Information security
#shadowleak
Information security
fromTheregister
1 month ago

ChatGPT's agent can dodge select CAPTCHAs after priming

Prompt misdirection and replay into an agent chat can coax ChatGPT to solve many CAPTCHA types, undermining CAPTCHA effectiveness as a human-only test.
fromSecurityWeek
1 month ago

ChatGPT Tricked Into Solving CAPTCHAs

AI agents have guardrails in place to prevent them from solving any CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), based on ethical, legal, and platform-policy reasons. When asked directly, a ChatGPT agent refuses to solve a CAPTCHA, but anyone can apparently use misdirection to trick the agent into giving its consent to solve the test, and this is what SPLX demonstrated.
Artificial intelligence
#llm-security
Artificial intelligence
fromBusiness Insider
1 month ago

The billion-dollar rivalry over 'ChatGPT for doctors' just got nastier with dueling lawsuits

Two major healthcare AI companies, Doximity and OpenEvidence, are engaged in escalating lawsuits over alleged impersonation, prompt-injection attacks, trade-secret theft, and reputational harm.
Information security
fromArs Technica
1 month ago

Claude's new AI file creation feature ships with deep security risks built in

Anthropic's file creation feature has prompt-injection risks despite mitigations, so sensitive data requires cautious use and organizational evaluation of protections.
Artificial intelligence
fromFast Company
1 month ago

Chatbots aren't supposed to call you a jerk-but they can be convinced

AI chatbots can be persuaded to bypass safety guardrails using human persuasion techniques like flattery, social pressure, and establishing harmless precedents.
#llm-safety
fromFortune
1 month ago
Artificial intelligence

Researchers used persuasion techniques to manipulate ChatGPT into breaking its own rules-from calling users jerks to giving recipes for lidocaine

fromFortune
1 month ago
Artificial intelligence

Researchers used persuasion techniques to manipulate ChatGPT into breaking its own rules-from calling users jerks to giving recipes for lidocaine

Artificial intelligence
fromCSO Online
1 month ago

LLMs easily exploited using run-on sentences, bad grammar, image scaling

Large language models remain easily manipulated into revealing sensitive data via prompt formatting and hidden-image attacks due to alignment training gaps and brittle prompt security.
Artificial intelligence
fromTheregister
1 month ago

Anthropic teases Claude for Chrome with massive warnings

Claude for Chrome gives Max-tier users automated web browsing control while introducing significant browser-extension security, privacy, and prompt-injection risks.
#generative-ai
fromSecuritymagazine
2 months ago
Science

Agentic AI Browsers Exploited by "PromptFix" Trick Technique

A new prompt injection technique uses fake CAPTCHA pages to trick generative AI agents into executing malicious actions and visiting lookalike storefronts.
fromHackernoon
1 year ago
Artificial intelligence

Prompt Injection Is What Happens When AI Trusts Too Easily | HackerNoon

Generative AI is becoming essential in daily life, but it poses significant security threats like prompt injection, which can manipulate AI systems.
Artificial intelligence
fromHackernoon
1 year ago

Prompt Injection Is What Happens When AI Trusts Too Easily | HackerNoon

Generative AI is becoming essential in daily life, but it poses significant security threats like prompt injection, which can manipulate AI systems.
Information security
fromTheregister
2 months ago

AWS patches Q Developer after prompt injection, RCE demo

Amazon fixed prompt-injection and RCE-capable vulnerabilities in the Amazon Q Developer VS Code extension by updating the language server and adding human-in-the-loop approval.
Information security
fromThe Hacker News
2 months ago

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

PromptFix hides malicious instructions inside fake CAPTCHA checks to trick GenAI browsers and agentic AI into interacting with phishing sites and performing attacker actions.
#cybersecurity
fromHackernoon
3 months ago
Privacy professionals

The Prompt Protocol: Why Tomorrow's Security Nightmares Will Be Whispered, Not Coded | HackerNoon

fromHackernoon
3 months ago
Privacy professionals

The Prompt Protocol: Why Tomorrow's Security Nightmares Will Be Whispered, Not Coded | HackerNoon

#ai
fromArs Technica
5 months ago
Artificial intelligence

Researchers cause GitLab AI developer assistant to turn safe code malicious

AI-assisted developer tools can be easily manipulated by malicious inputs, posing significant security risks to developers.
fromArs Technica
6 months ago
Artificial intelligence

Researchers claim breakthrough in fight against AI's frustrating security hole

Prompt injections jeopardize AI systems; Google DeepMind's CaMeL offers a potential solution by treating language models as untrusted components within security frameworks.
Artificial intelligence
fromArs Technica
6 months ago

Researchers claim breakthrough in fight against AI's frustrating security hole

Prompt injections jeopardize AI systems; Google DeepMind's CaMeL offers a potential solution by treating language models as untrusted components within security frameworks.
[ Load more ]