Security Boulevard

Best of 2025: Indirect prompt injection attacks target common LLM data sources

While the shortest distance between two points is a straight line, a straight-line attack on a large language model isn't always the most efficient — and least noisy — way to get the LLM to do bad ...
The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
eWeek

LangChain AI Vulnerability Exposes Millions of Apps

A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...

The Real-World Attacks Behind OWASP Agentic AI Top 10

OWASP's new Agentic AI Top 10 highlights real-world attacks already targeting autonomous AI systems, from goal hijacking to ...
Press Publications

YEAR IN REVIEW 2025

Before we say goodbye to 2025 and welcome in 2026, it is a tradition of the White Bear Press and Vadnais Heights Press to ...