ZEC drops 30% after Anthropic AI finds Zcash counterfeit vulnerability
ZEC dropped 30% after Anthropic AI discovered a counterfeit vulnerability in Zcash. This finding significantly impacted the cryptocurrency's value.
A critical vulnerability has been discovered in an open-source package, imperiling millions of AI agents. This security flaw requires immediate attention to protect artificial intelligence systems.
The McDonald’s support chatbot, along with others from Alcampo and Chipotle, unexpectedly performed complex coding tasks for users, highlighting critical security vulnerabilities and capability leaks in agentic AI. These incidents serve as a wake-up call regarding the inherent versatility of LLMs and the need for robust security measures.
This article by Karen Tonoyan introduces the concept of Narrative Drift Injection (NDI) as a new dimension of prompt injection. Unlike classic attacks, NDI manipulates the AI model by drawing it into a narrative it co-creates, causing it to lose vigilance at the session level.
Meta confirmed that a bug in its AI chatbot allowed attackers to hijack over 20,000 Instagram accounts by exploiting an "AI-assisted account recovery" vulnerability. This incident highlights the risks of integrating language models into high-trust authentication flows without proper security measures.
This content highlights that AI agents, such as Claude Code, have unrestricted access to all configured API keys and tokens, regardless of functional necessity. This practice creates a significant security risk, especially in scenarios of failures like hallucinated tool calls or prompt injections.
The content reveals a critical security flaw in AI-generated code, specifically a logic bug in token refresh cycles that allows indefinite session maintenance. It highlights a unique Japanese security research approach to reviewing AI code, focusing on logic flaws rather than syntax or tools.
This paper reveals a critical vulnerability in diffusion-based language models (dLLMs) where their safety alignment, based on monotonic denoising schedules, can be easily bypassed. By re-masking refusal tokens and injecting an affirmative prefix, researchers achieved high attack success rates against prominent dLLMs, exposing a structural flaw.
This article highlights how AI editors, specifically Cursor, reproduce a dangerous recursive merge pattern from pre-2019 training data, leading to "prototype pollution" vulnerabilities in JavaScript. This security flaw allows attackers to inject properties onto `Object.prototype`, affecting all objects, and was previously identified in `lodash` (CVE-2019-10744).
On February 3, 2026, a serious vulnerability (CVE-2026-25253, CVSS 8.8) was disclosed in OpenClaw, an open-source AI agent, allowing remote code execution. This led to the discovery of 138 vulnerabilities in 63 days, with more than 135,000 OpenClaw instances publicly exposed worldwide, many of them without authentication.
A SafeBreach researcher demonstrated an indirect prompt injection vulnerability in Google Gemini on Android, allowing the assistant to execute real device actions without user awareness via notifications. While Google has patched the issue, the research exposes a large attack surface where any app capable of pushing a notification becomes a potential injection vector.
Software security faces a "three-body problem" due to the convergence of AI-generated code with more vulnerabilities, escalating supply chain attacks, and a collapsing security talent pipeline. These forces interact chaotically, making the system unpredictable.
Researchers uncovered a prompt injection vulnerability in Google Gemini on Android, where content from app notifications like WhatsApp and Slack could be misinterpreted as malicious instructions. This flaw allows an attacker to potentially control Gemini to open browsers, send messages, or poison its long-term memory, all without requiring a malicious app or special permissions.
This content identifies two DM-hardening problems in AI systems, focusing on the security aspect where hostile DMs exploit LLM reasoning to trigger unauthorized actions. It presents `v0.21`'s solution: a provenance layer that validates actions based on DM origin rather than content.
Researchers from Ox Security uncovered critical vulnerabilities in MCP servers, affecting millions, which Anthropic refuses to fix at the protocol level. This architectural flaw allows malicious prompts to hijack tool execution and exfiltrate data from publicly exposed servers.
The article addresses memory poisoning as a critical, often overlooked security vulnerability in AI agents with persistent memory. This attack involves injecting malicious content into an agent's memory store, causing adversarial behavior in future sessions, a threat distinct from prompt injection.
This article details CVE-2026-5603, a critical command injection vulnerability in the `@elgentos/magento2-dev-mcp` package, which can be exploited by manipulating AI agents. It explains the sanitizer's failure on Windows and how to check for and fix the issue in MCP servers.
Microsoft's MDASH AI detected 16 critical Windows flaws, including four remote code execution bugs, before hackers, shifting the cybersecurity balance with faster vulnerability discovery. This highlights AI's growing role in security, delivering real-world wins by finding flaws before exploitation.
The content describes "Indirect Prompt Injection" as a vulnerability where AI assistants with Gmail access can be tricked by malicious emails into performing unwanted actions. It proposes a "Semantic Airgap" solution, using a "Dumb Sanitizer" to strip imperative power from external data before it reaches the "High-Intelligence" agent, preventing such attacks.
This comprehensive guide addresses the unique security threats faced by AI applications, including prompt injection and model theft. It details a penetration testing methodology to protect AI systems from attacks by 2026.