Indirect Prompt Injection Is Now a Real-World AI Security Threat

AI agents are now being weaponized through prompt injection, exposing why model guardrails are not enough to protect ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...
ZDNet

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Malicious web prompts can weaponize AI without your input. Indirect prompt injection is now a top LLM security risk. Don't treat AI chatbots as fully secure or all-knowing. Artificial intelligence (AI ...
VentureBeat

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...
Dark Reading

'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

An attack chain featuring three separate flaws found in Anthropic's Claude artificial intelligence (AI) agent could have allowed attackers to embed malicious hidden instructions in a pre-filled chat ...
ProPublica

Oil Regulators Found Hundreds of Wells Violating Oklahoma Rules. Then They Ignored Their Findings.

This article was produced for ProPublica’s Local Reporting Network in partnership with The Frontier. Sign up for Dispatches to get stories like this one as soon as they are published. Five years ago, ...
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security risks stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an ...
Nextgov

FBI queries of Americans’ data under FISA 702 rose 35% in 2025

Get the latest federal technology news delivered to your inbox. FBI searches of U.S. person data collected using a controversial spying authority rose some 35% in 2025, according to an FBI letter to ...
InfoQ

Google BigQuery Previews Cross-Region SQL Queries for Distributed Data

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
VentureBeat

Anthropic published the prompt injection failure rates that enterprise security teams have been asking every vendor for

Run a prompt injection attack against Claude Opus 4.6 in a constrained coding environment, and it fails every time, 0% success rate across 200 attempts, no safeguards needed. Move that same attack to ...
CNBC

Pfizer says obesity injection shows promise as monthly treatment in mid-stage trial

Pfizer said its experimental obesity drug, which it acquired through Metsera, drove solid weight loss when taken once a month in a mid-stage trial. The data offer early evidence that the injection can ...
San Antonio Current

New lawsuit claims ‘catastrophic impacts’ from injection wells in Texas’ Permian Basin

Don’t Miss a Moment. Join 30,000 locals who stay current on San Antonio news, culture, and events. Get our free newsletters in your inbox three times a week. Join 30,000 locals who stay current on San ...