A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing Secure Mode protections. Security researchers have revealed a prompt ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection.

A critical vulnerability in Gemini CLI led to remote code execution and supply chain attacks via indirect prompt injections.

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. CVE-2025 ...

There appears to be a recent epidemic of users hijacking companies’ AI-powered customer service bots to turn them into generic AI assistants. The goal is to get the branded bots to do their bidding, ...

Security researchers have discovered 10 new indirect prompt injection (IPI) payloads targeting AI agents with malicious instructions designed to achieve financial fraud, data destruction, API key ...

Dubbed Bleeding Llama, the flaw gives attackers direct access to sensitive data stored in the most popular framework for ...

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability.