Search

theregister.com › security › 2026 › …

Mercor says it was 'one of thousands' hit in LiteLLM attack

Cyber-crime AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack First public downstream victim, but won't be the last AI hiring startup Mercor…

Apr 2, 2026 · Jessica Lyons

theregister.com › security › 2026 › …

MCP 'design flaw' puts 200k servers at risk: Researcher

…The third type of vulnerability allows zero-click prompt injection across AI integrated development environments (IDEs) and coding assistants such as Windsurf, Claude Code, Cursor, Gemini-CLI, and GitHub Copilot. However, the…

Apr 16, 2026 · Jessica Lyons

github.blog › security

Security-related product updates - GitHub Blog

…registry attacks, GitHub is strengthening npm’s security with stricter authentication, granular tokens, and enhanced trusted publishing to restore trust in the open source ecosystem. Safeguarding VS Code against prompt injections When…

Apr 28, 2026 · Alexis Wales

developer.nvidia.com › blog

Practical Security Guidance for Sandboxing Agentic Workflows and Managing Execution Risk | NVIDIA Technical Blog

…Based on the NVIDIA AI Red Team ’s experience, the following mandatory controls mitigate the most serious attacks that can be achieved with indirect prompt injection:  Network egress controls: Blocking network access…

Jan 30, 2026 · Rich Harang

Top stories

neowin.net

People are using prompt injection to trick Meta's AI into handing over Instagram accounts

1d ago

arstechnica.com

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

5d ago

bleepingcomputer.com

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

1w ago

news.skhynix.com

Reinventing AI Guardrails for a Safer Digital World

…However, the biggest challenge was handling prompt injections. While explicit and overtly malicious expressions are relatively easy to filter out, responding to indirect and sophisticated prompt attacks has only recently become an…

Mar 11, 2025 · user

theregister.com › software › 2026 › …

Claude Code bypasses safety rule if given too many commands

…prompt injection – where a malicious CLAUDE.md file instructs the AI to generate a 50+ subcommand pipeline that looks like a legitimate build process." The Adversa team's proof-of-concept attack…

Apr 1, 2026 · Thomas Claburn

blog.google › security

Supporting Rowhammer research to protect the DRAM ecosystem

…It was last updated on March 31, 2026.JanuaryWe terminated 40 Yo… By Trust & Safety May 08, 2026 Security AI threats in the wild: The current state of prompt injections on the…

Sep 15, 2025 · Daniel Moghimi

Discussions and forums

Hacker News · u/k-thimmaraju · 2w ago

Show HN: How to analyze your LLM output – A behavioural health monitor for LLMs

Hey HN! We're Dr. Kashyap Thimmaraju and Giuseppe Canale from Silicon Psyche. We've built Posture Sequence Analysis (PSA), a behavioural health monitor for LLMs and AI Agents.Why we built PSAWe built PSA because we wante…

9 5

anthropic.com › research › trustworthy-agents

Trustworthy agents in practice

…Defending against attacks Prompt injections are malicious instructions hidden inside the content that an agent is asked to process. If an agent is searching a user's inbox and one email says…

Apr 9, 2026

anthropic.com › engineering › how-we-contain-claude

How we contain Claude across products

…External attackers: The agent is attacked through external vectors such as tools, files, or network access. This category includes both prompt injection and conventional attacks on the agent's runtime, orchestration layer…

May 25, 2026

spectrum.ieee.org

Moltbook Gives Insights into Agentic AI's Messy Future

…The scans still won’t catch prompt injection attacks because, as mentioned above, these don’t exist in the code of the skill itself but instead in the content the skill might…

Feb 12, 2026 · Matthew S. Smith