Bleeping Computer

New AI attack hides data-theft prompts in downscaled images

Researchers have developed a novel attack that steals user data by injecting malicious prompts in images processed by AI systems before delivering them to a large language model. The method relies on ...
CSOonline

Black Hat: Researchers demonstrate zero-click prompt injection attacks in popular AI agents

Researchers from Zenity have found multiple ways to inject rogue prompts into agents from mainstream vendors to extract sensitive data from linked knowledge sources. The number of tools that large ...
Dark Reading

Researchers Detail Zero-Click Copilot Exploit 'EchoLeak'

A critical vulnerability could have enabled attackers to unleash prompt injection attacks against Copilot users, though Microsoft ultimately addressed the issue before it went public. Aim Security, a ...

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

OpenAI says prompt injections will always be a risk for AI browsers with agentic capabilities, like Atlas. But the firm is ...
Hosted on MSN

Hackers can use prompt injection attacks to hijack your AI chats — here's how to avoid this serious security flaw

While more and more people are using AI for a variety of purposes, threat actors have already found security flaws that can turn your helpful assistant into their partner in crime without you even ...
TechCrunch

The glaring security risks with AI browser agents

New AI-powered web browsers such as OpenAI’s ChatGPT Atlas and Perplexity’s Comet are trying to unseat Google Chrome as the front door to the internet for billions of users. A key selling point of ...
Search Engine Land

Hidden prompt injection: The black hat trick AI outgrew

For a brief moment, hiding prompt injections in HTML, CSS, or metadata felt like a throwback to the clever tricks of early black hat SEO. Invisible keywords, stealth links, and JavaScript cloaking ...