Prompt Injection
7 posts
Prompt injection attacks, jailbreaks, indirect prompt attacks, and AI system manipulation.
Microsoft Defender Starts Watching Local AI Agents on Developer Machines
Microsoft Defender now discovers local AI agents and MCP server configurations across managed endpoints, while preview runtime protection can audit or block prompt-injection attempts in Claude Code and GitHub Copilot CLI before risky tool actions execute.
AI Pentesting Is Finding Bugs Faster Than Teams Fix Them
Cobalt’s latest AI pentesting research shows security teams are testing AI apps more often, but serious LLM vulnerabilities still have the lowest fix rate of any category. The useful lesson is not to abandon automation, but to connect AI security tests to ownership, triage, and retesting.
Gemini 3.5 Flash Makes Computer Use a Mainstream Agent Tool
Google has moved computer use into Gemini 3.5 Flash, letting developers build agents that can see screens and act across browser, mobile, and desktop environments. The useful question is how teams design the execution loop, safety gates, and sandbox around it.
Clean GitHub Repos Can Still Trap AI Coding Agents
Mozilla’s 0DIN showed how an AI coding agent can be led from a normal-looking GitHub setup flow into running a DNS-fetched reverse shell. The proof of concept is a warning for teams letting agents install, initialize, and debug unfamiliar projects on developer machines.
AWS AgentCore Turns Enterprise AI Agents Into an Operations Stack
AWS used its New York Summit to expand Bedrock AgentCore, launch AWS Context and AWS Continuum, and push AI agents deeper into enterprise operations. The real story is not another chatbot layer, but a managed stack for grounding, governing, testing, and remediating agent behavior.
SearchLeak Shows How Microsoft 365 Copilot Search Can Become a Data Leak
Varonis disclosed SearchLeak, a patched Microsoft 365 Copilot Enterprise Search vulnerability chain that could turn one trusted-looking Microsoft link into a path for stealing emails, files, calendar data, and MFA codes.
NIST’s AI Guardrail Proof Makes Prompt Injection a Continuous Security Problem
NIST says a fixed set of AI guardrails cannot be universally robust against adaptive adversarial prompts. For teams deploying AI agents, the practical answer is continuous red-teaming, guardrail updates, access limits, and recovery planning.