Microsoft spots ClickFix scam spreading Lumma infostealer
…is exactly what attackers want. The scam itself sticks to the same tried-and-tested social engineering formula. Victims land on a web page posing as a verification prompt, CAPTCHA check, or…
Search
All sources
theregister.com
17
blog.google
9
anthropic.com
7
xda-developers.com
7
developer.nvidia.com
6
github.blog
6
huggingface.co
5
blog.cloudflare.com
5
bleepingcomputer.com
4
rockpapershotgun.com
4
pcworld.com
4
appleinsider.com
3
Top stories
People are using prompt injection to trick Meta's AI into handing over Instagram accounts
1d agoHackers hijack thousands of sites for ClickFix and FakeUpdate attacks
2d agoFed up with vibe coders, dev sneaks data-nuking prompt injection into their code
5d agoGhost CMS SQL injection flaw exploited in large-scale ClickFix campaign
1w agoI ran Nvidia's NemoClaw to see if OpenClaw is finally safe, but it still has the same problems
…For example, PromptArmor demonstrated that the link preview feature in messaging apps like Telegram and Discord can be turned into a data exfiltration pathway through indirect prompt injection. The attacker tricks the…
Internet Coverage | Tom's Guide
…VPNs Norton Neo's new in-built VPN claims to boost security without needing user input, and increases protection from prompt injection attacks. Here's what you need to know. VPNs Urban…
Paper page - Sparse Autoencoders as Plug-and-Play Firewalls for Adversarial Attack Detection in VLMs
…Breaking Medical Vision Language Models by Transferable Attack (2026) Towards Understanding the Robustness of Sparse Autoencoders (2026) Adversarial Prompt Injection Attack on Multimodal Large Language Models (2026) SALLIE: Safeguarding Against Latent Language…
Discussions and forums
AudioHijack: adversarial audio attacks on generative voice models transfer from open weights to Microsoft and Mistral production systems
Interesting new research you may have heard of on attacking large audio language models. The attack is called AudioHijack and the part worth paying attention to is that adversarial clips built against open models transfe…
Show HN: How to analyze your LLM output – A behavioural health monitor for LLMs
Hey HN! We're Dr. Kashyap Thimmaraju and Giuseppe Canale from Silicon Psyche. We've built Posture Sequence Analysis (PSA), a behavioural health monitor for LLMs and AI Agents.Why we built PSAWe built PSA because we wante…
9
5
Introducing Prempti: Policy and visibility for AI coding agents
…familiar Falco YAML, new context Here’s a rule that blocks piping content directly to a shell interpreter, a classic vector for prompt injection attacks: - macro: is_bash condition: tool.name = "Bash…
Supply chain security Archives
…registry attacks, GitHub is strengthening npm’s security with stricter authentication, granular tokens, and enhanced trusted publishing to restore trust in the open source ecosystem. Safeguarding VS Code against prompt injections When…
VS Code goes weekly, gets AI autopilot - what could go wrong
…The documentation recommends enabling experimental terminal sandboxing to restrict file system and network access for agent-executed commands – but this only works on macOS and Linux. "If prompt injection is a concern…
Hidden Voice Glitches Could Hijack Audio AI Tools
…From Your Site Articles How to Silently Hack a Smart Speaker - IEEE Spectrum › Why AI Keeps Falling for Prompt Injection Attacks › This AI Can Tell What You’re Typing Based on the…
Rogue AI agents can work together to hack systems
…to prevent the attack," according to the report. Irregular notes that there's no prompt injection used in this test, but rather a feedback loop. The Lead agent prompts its analyst sub…
Architecting Security for Agentic Capabilities in Chrome
…prompt injection. We use techniques like spotlighting that direct the model to strongly prefer following user and system instructions over what’s on the page, and we’ve upstreamed known attacks to…