Meta AI Support Bot Exploited for Instagram Account Takeovers
Hackers manipulated Meta's AI support assistant to bypass authentication and seize high-profile Instagram accounts, including government entities.

Anthropic Claude Mythos-Class Models: Security Implications of Public Rollout
Anthropic confirms public rollout plans for Claude Mythos-class models, addressing previous delays caused by software security risks and safety concerns.

Microsoft RAMPART and Clarity: Securing AI Agents Against Exploitation
Microsoft open-sources RAMPART and Clarity to provide developers with frameworks for red teaming and observing autonomous AI agents against prompt injection.

Claude Code and Gemini CLI: Prompt Injection via Code Comments
Research reveals how Claude Code, Gemini CLI, and GitHub Copilot agents are vulnerable to prompt injection attacks via malicious source code comments.

OpenClaw AI Agent Flaws: Prompt Injection and Data Exfiltration Risk
CNCERT warns of critical security flaws in OpenClaw AI agents, enabling prompt injection and data exfiltration due to weak default configurations.

Manipulating Perplexity Comet AI via Reasoning-Based Phishing
Researchers from Guardio demonstrate a quick-to-execute attack against Perplexity’s Comet AI browser that tricks it into carrying out phishing tasks on the attacker's behalf.

RoguePilot Vulnerability: GitHub Codespaces GITHUB_TOKEN Leak
Orca Security researchers discovered RoguePilot, a flaw in GitHub Codespaces allowing attackers to steal GITHUB_TOKENs through indirect prompt injection.