Wired

OpenAI Really Wants Codex to Shut Up About Goblins

“Never talk about goblins, gremlins, raccoons, trolls, ogres, pigeons, or other animals or creatures unless it is absolutely and unambiguously relevant,” reads OpenAI’s coding agent instructions.
ZDNet

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Malicious web prompts can weaponize AI without your input. Indirect prompt injection is now a top LLM security risk. Don't treat AI chatbots as fully secure or all-knowing. Artificial intelligence (AI ...
Fast Company

There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies

There appears to be a recent epidemic of users hijacking companies’ AI-powered customer service bots to turn them into generic AI assistants. The goal is to get the branded bots to do their bidding, ...
VentureBeat

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...
CSOonline

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing Secure Mode protections. Security researchers have revealed a prompt ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since ...
VentureBeat

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...
BizTech

Prompt Injection Attacks: The LLM Security Risk IT Leaders Must Address

Security leaders must adapt large language model controls such as input validation, output filtering and least-privilege access for artificial intelligence systems to prevent prompt injection attacks.
9to5Mac

Researchers detail how a prompt injection attack bypassed Apple Intelligence protections

A now corrected issue allowed researchers to circumvent Apple’s restrictions and force the on-device LLM to execute attacker-controlled actions. Here’s how they did it. Interestingly, they ...
TechSpot

The Windows Command Prompt is getting faster, smarter, and a lot more modern

Something to look forward to: Microsoft released new Windows 11 Insider Preview builds to the Canary, Dev, and Beta channels this week, bringing multiple new features for developers and power users.
Morningstar

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

Azul webinar series examines the hidden security, compliance and productivity costs of free Java runtimes Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today ...