CSO Online

GitHub Copilot prompt injection flaw leaked sensitive data from private repos

Hidden comments in pull requests analyzed by Copilot Chat leaked AWS keys from users’ private repositories, demonstrating yet another way prompt injection attacks can unfold.
The Hacker News

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Cybersecurity company Imperva, which discovered and reported the problem in July 2025, described CVE-2025-53967 as a "design oversight" in the fallback mechanism that could allow bad actors to achieve ...
Cyber Defense Magazine

Prompt Injection and Model Poisoning: The New Plagues of AI Security

You wake up. Your AI wakes up. Somewhere, a stranger types a sentence, and your AI listens. This is not science fiction. This ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Lifehacker

Your AI Browser May Be Vulnerable to 'Prompt Injection' Attacks

Did you know you can customize Google to filter out garbage? Take these steps for better search results, including adding Lifehacker as a preferred source for tech news. AI continues to take over more ...
devdiscourse

Prompt injection attacks push AI cybersecurity to the brink of major meltdown

AI-powered cybersecurity tools, once hailed as the next frontier in digital defense, are now facing a formidable threat from the very systems they were built to secure. In a groundbreaking study, ...
PC Magazine

Are AI Browser Extensions Putting You at Risk? Prompt Injection Attacks Explained

AI agents that can control and read data from an internet browser are also susceptible to obeying malicious text circulating in web content. When he's not battling bugs and robots in Helldivers 2, ...
VentureBeat

Anthropic launches Claude for Chrome in limited beta, but prompt injection attacks remain a major concern

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Anthropic has begun testing a Chrome ...
winbuzzer.com

Brave Finds Critical Security Flaw in Perplexity’s Comet AI Browser, Warns Reported Fix Is Incomplete

AI search company Perplexity is facing scrutiny after rival browser maker Brave discovered a major security vulnerability in its new Comet AI browser. Disclosed on August 20, the flaw allowed for ...
PC World

Perplexity’s AI browser is a sucker for blatant scams and prompt hijacks

There’s a new generation of browsers coming to shake up the market and revolutionize the way we use the web—at least, that’s how new “AI” browsers like Perplexity’s Comet are being pitched to users.
TechRepublic

Gemini AI Vulnerable to Calendar-Based Hack: What is Google’s Mitigation Approach?

Gemini AI Vulnerable to Calendar-Based Hack: What is Google’s Mitigation Approach? Your email has been sent A team of security researchers at SafeBreach has revealed a new exploitation technique that ...
Wired

Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home

For likely the first time ever, security researchers have shown how AI can be hacked to create real-world havoc, allowing them to turn off lights, open smart shutters, and more. Each unexpected action ...