How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection.
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the security risks of hallucinated dependencies.
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead to the execution of injected code.
Morning Overview on MSN

LiteLLM just fell to a full-chain Pwn2Own exploit combining SSRF and code injection — researchers took full system control

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
JD Supra

Why Employers Should Develop AI Policies for Employees

The use of AI tools in everyday work is no longer theoretical — it is happening. Employees use AI tools to draft emails, summarize documents, ...

Everything announced at the Google I/O 2026 keynote: AI, more AI, and smart glasses

Google's I/O 2026 developer conference has finally wrapped, and the keynote was, truthfully, a bit of a snooze for ...

$200K gone in seconds: How a Morse code message manipulated Grok into a $200,000 crypto transfer—what this shocking incident means for AI security

The incident underscores rising risks at the intersection of artificial intelligence and automated financial systems, especially when bots are granted direct access to digital wallets.

EY retracts study after researchers discover AI hallucinations

EY has withdrawn a study on loyalty rewards programs that included apparent artificial intelligence hallucinations and fake ...