The Register on MSN

IBM's AI agent Bob easily duped to run malware, researchers show

Prompt injection lets risky commands slip past guardrails IBM describes its coding agent thus: "Bob is your AI software ...

Fake error popups are spreading malware fast

Cybercriminals use ErrTraffic tool to automate malware distribution through fake browser error messages, with attacks ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
Computer Weekly

NCSC warns of confusion over true nature of AI prompt injection

The UK’s National Cyber Security Centre (NCSC) has highlighted a potentially dangerous misunderstanding surrounding emergent prompt injection attacks against generative artificial intelligence (GenAI) ...
The Record

UK intelligence warns AI 'prompt injection' attacks might never go away

Security experts working for British intelligence warned on Monday that large language models may never be fully protected from “prompt injection,” a growing type of cyber threat that manipulates AI ...
The Hacker News

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The ...
Bleeping Computer

Microsoft to secure Entra ID sign-ins from script injection attacks

Microsoft plans to enhance the security of the Entra ID authentication system against external script injection attacks starting in mid-to-late October 2026. This update will implement a strengthened ...
GitHub

javascript-injection

SVG XSS Exploiter is a web tool built with Python and Flask that lets users inject JavaScript payloads into SVG images to simulate XSS attacks. Made for ethical hackers and security researchers, it ...
TechSpot

OpenAI's ChatGPT Atlas is vulnerable to prompt injection attacks within the omnibox

Facepalm: Prompt injection attacks are emerging as a significant threat to generative AI services and AI-enabled web browsers. Researchers have now uncovered an even more insidious method – one that ...
Futurism

OpenAI’s New AI Browser Is Already Falling Victim to Prompt Injection Attacks

OpenAI unveiled its Atlas AI browser this week, and it’s already catching heat. Cybersecurity researchers are particularly alarmed by its integrated “agent mode,” currently limited to paying ...
Cyber Defense Magazine

Words as Weapons: What 300K Prompt Injection Attacks Taught Us About AI Security

The AI revolution has transformed how organizations operate, yet beneath the excitement of chatbots and autonomous agents lies a security crisis that most technology leaders are only beginning to ...