eWeek

‘ChatGPhish’ Attack Turns ChatGPT Summaries Into Phishing Lures

Permiso researchers found ChatGPhish, a prompt-injection issue that can cause ChatGPT summaries to display phishing links, ...

New CISA Warning: Hackers Are Targeting Fuel Tank Monitoring Systems

CISA warns attackers are targeting internet-exposed Automatic Tank Gauge systems used in fuel storage. Here’s what operators ...

Everything announced at the Google I/O 2026 keynote: AI, more AI, and smart glasses

Welcome to the agentic era.
Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...

OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks

Even with Lockdown Mode, ChatGPT could be still vulnerable to prompt injections, but the goal is to reduce the likelihood ...
The Next Web

A single GitHub issue could have hijacked Anthropic’s own Claude Code action and poisoned every project that uses it

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.
heise online

Cisco: Code injection vulnerability in Unity Connection and other flaws

Two vulnerabilities are found in Cisco's Unity Connection. The more severe one allows authenticated attackers from the network to inject and execute malicious code via manipulated API requests to the ...
PCMag

Gemini 3.5 Flash Is the Fastest AI Coding Model I've Used...and Extremely Error-Prone

Gemini 3.5 Flash is shockingly fast at generating code and spinning up agents, but that speed comes at a cost: sloppy ...
Decrypt

What Is an AI Prompt Injection Attack? The Hidden Threat Hijacking Your Chatbots

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.
PCMag on MSN

OpenAI rolls out lockdown mode to fight prompt injection attacks

The new feature promises increased protection against these types of attacks, but you'll have to sacrifice a lot of ...

CISA orders feds to patch actively exploited Drupal vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection ...