How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection.
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead to the execution of injected code.
Morning Overview on MSN

LiteLLM just fell to a full-chain Pwn2Own exploit combining SSRF and code injection — researchers took full system control

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...
JD Supra

Why Employers Should Develop AI Policies for Employees

The use of AI tools in everyday work is no longer theoretical — it is happening. Employees use AI tools to draft emails, summarize documents, ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
Analytics Insight

AI Security, Stanford University

Stanford University’s AI Security (XACS134) is an online, on-demand course designed for professionals seeking to understand ...

$200K gone in seconds: How a Morse code message manipulated Grok into a $200,000 crypto transfer—what this shocking incident means for AI security

The incident underscores rising risks at the intersection of artificial intelligence and automated financial systems, especially when bots are granted direct access to digital wallets.
Security Boulevard

DLP Wasn’t Built for AI. Here Are 10 Reasons It Shows. – FireTail Blog

May 18, 2026 - Alan Fagan - Ninety percent of AI usage across the average organization is untracked, ungoverned and unsecured. Ninety-seven percent of organizations using generative AI have already ...