From prompt injection to deepfake fraud, security researchers say several flaws have no known fix. Here's what to know about them.

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...

Economist warns coming financial crisis will make 2008 look like 'Sunday school picnic' Bill Belichick Hall of Fame snub sparks debate Japan’s Genius Offshore Fish Farm Harvests Millions of Fish A ...

Clawdbot's MCP implementation has no mandatory authentication, allows prompt injection, and grants shell access by design. Monday's VentureBeat article documented these architectural flaws. By ...

Abstract: An increasing number of web application services raises significant security concerns. Online access to these applications exposes them to multiple cyberattacks. The Open Web Application ...

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...

Abstract: SQL injection attacks are a serious threat to the security of cyberspace. In view of the problems with traditional SQL injection attack detection methods, such as high false positive rates ...

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do something bad. The platform introduces a guardrail that stops the attack from ...

Cybercriminals don't always need malware or exploits to break into systems anymore. Sometimes, they just need the right words in the right place. OpenAI is now openly acknowledging that reality. The ...

OpenAI built an "automated attacker" to test Atlas' defenses. The qualities that make agents useful also make them vulnerable. AI security will be a game of cat and mouse for a long time. OpenAI is ...

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...

Welcome to the future — but be careful. “Billions of people trust Chrome to keep them safe,” Google says, adding that "the primary new threat facing all agentic browsers is indirect prompt injection.” ...