Claude Desktop changes software permissions without consent
…Hanff says, "Anthropic's own safety data states Claude for Chrome is vulnerable to prompt injection at a 23.6 percent success rate without mitigations, and 11.2 percent with their current…
…While some AI assistant tools like Claude Cowork won’t train their models on your data, your file could still be at risk from “prompt-injection” attacks–that is, files with hidden…
…Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Secret Detection become critical controls to mitigate the risk of secret leaks, supply chain attacks, and weaknesses like SQL injections. With platforms…
…It’s a very straightforward prompt injection attack. Neowin reported having the exploit as being “active in the wild for months, going as far back as February of this year, with hackers…
Interesting new research you may have heard of on attacking large audio language models. The attack is called AudioHijack and the part worth paying attention to is that adversarial clips built against open models transfe…
Hey HN! We're Dr. Kashyap Thimmaraju and Giuseppe Canale from Silicon Psyche. We've built Posture Sequence Analysis (PSA), a behavioural health monitor for LLMs and AI Agents. Why we built PSA: We built PSA because we wante…
…ways you don't want. Anthropic says it implemented safeguards to minimize risks, such as prompt injections. The system will automatically scan for this and more vulnerabilities as they're implemented. Despite…
…This is dangerous because agents are susceptible to prompt injection: Attackers can craft malicious inputs like web pages or repository issues that trick agents into leaking sensitive information. For example, a prompt…
…s also the risk of your confidential info slipping out into the wild via prompt-injection attacks and other exploits. But aside from model training and security concerns, there’s another factor…
…Security researchers know this as the problem of the persuasive prompt injection. Consider, for example, the difference between “Attack website A to steal users’ credit card info” and “I am a security…
…Agentic tools, like Scout, can open users to prompt injection attacks, where bad actors confuse bots to do tasks or reveal information they shouldn't. Microsoft is responding to Scout’s potential…
…And they are also vulnerable to an emerging type of security threat known as prompt injections, in which an attacker uses a malicious input to elicit an unintended response or data breach…