Anthropic published the prompt injection failure rates that enterprise security teams have been asking every vendor for

Anthropic's Opus 4.6 system card breaks out prompt injection attack success rates by surface, attempt count, and safeguard configuration — data that OpenAI and Google have not published for their own ...
TechJuice

Researchers Warn Copilot and Grok AI Can Be Manipulated by Prompt Injection Attacks

Researchers warn that AI assistants like Copilot and Grok can be manipulated through prompt injections to perform unintended actions.

Microsoft Thwarts AI Prompt Injection Attacks Aimed To Manipulate AI Engines

Microsoft has implemented and continues to deploy mitigations against prompt injection attacks in Copilot, the company announced last week. Spammers were using the "Summarize with AI" type of buttons ...

ChatGPT's new Lockdown Mode can stop prompt injection - here's how it works

ChatGPT's new Lockdown Mode can stop prompt injection - here's how it works ...

Terra Security Finds Widespread Exploitable Flaws in AI-Driven Applications, Copilots, and AI-Generated Code

After months of real-world testing of AI copilots, chat interfaces, and AI-generated apps, Terra Security releases a new module for continuous AI Penetration Testing to match AI development velocity ...

ChatGPT gets ‘Lockdown Mode’ mode for extra security and privacy

As AI services increasingly connect to wider parts of the web and more external apps, the risk of so-called “prompt injection ...
The Hacker News

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risks.
VentureBeat

Why GPT-4 is vulnerable to multimodal prompt injection image attacks

OpenAI's new GPT-4V release supports image uploads — creating a whole new attack vector making large language models (LLMs) vulnerable to multimodal injection image attacks. Attackers can embed ...
Hosted on MSN

Hidden prompt injection: The black hat trick AI outgrew

For a brief moment, hiding prompt injections in HTML, CSS, or metadata felt like a throwback to the clever tricks of early black hat SEO. Invisible keywords, stealth links, and JavaScript cloaking ...
Futurism

OpenAI’s New AI Browser Is Already Falling Victim to Prompt Injection Attacks

OpenAI unveiled its Atlas AI browser this week, and it’s already catching heat. Cybersecurity researchers are particularly alarmed by its integrated “agent mode,” currently limited to paying ...
Gizmodo

OpenAI’s Outlook on AI Browser Security Is Bleak, but Maybe a Little More AI Can Fix It

As OpenAI and other tech companies keep working towards developing agentic AI, they’re now facing some new challenges, like how to stop AI agents from falling for scams. OpenAI said on Monday that ...
Hosted on MSN

Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales

A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers who published a ...