SecurityWeek

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

Google has analyzed AI indirect prompt injection attempts involving sites on the public web and noticed an increase in ...
Decrypt

Malicious Web Pages Are Hijacking AI Agents, And Some Are Going After Your PayPal

Google's security team scanned billions of web pages and found real payloads designed to trick AI agents into sending money, ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
Security Boulevard

FIRESIDE CHAT: Leaked secrets are now the go-to attack vector — and AI is accelerating exposures

A consequential shift is underway in how enterprise breaches begin. The leaked credential — once treated as a hygiene problem ...
SecurityWeek

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

An easily exploitable, high-severity vulnerability in the PackageKit cross-distro package management abstraction layer allows ...
CSO Online

Microsoft patched an ‘agent-only’ role that was not

A mis-scoped Agent ID Administrator role in Entra ID allowed users to take ownership of unrelated service principals, ...