Browsing: Injection Attacks

Researchers Show How “AI Judges” Can Be Tricked Into Approving Harmful Content

Kirsten DoyleMarch 13, 20264 Mins Read

Security researchers have demonstrated how a growing class of AI safety controls (known as AI judges) can be manipulated into approving content…

Malicious URLs Can Turn the OpenAI Atlas Omnibox Into a Jailbreak Vector, Researchers Warn

Kirsten DoyleOctober 28, 20255 Mins Read

A new security report by NeuralTrust has revealed a critical vulnerability in OpenAI’s Atlas, one that blurs the line between…

AI Agents Open a New Front in Cybersecurity: ForcedLeak in Salesforce Agentforce

Kirsten DoyleSeptember 30, 20256 Mins Read

Noma Labs has uncovered a severe flaw in Salesforce’s Agentforce platform. The chain of vulnerabilities, dubbed ForcedLeak, carried a CVSS…

Patch Now: Critical SAP S/4HANA Code Injection Flaw Exploited in the Wild

Kirsten DoyleSeptember 8, 20255 Mins Read

A newly disclosed vulnerability in SAP S/4HANA has been rated critical, with security researchers warning that exploitation is already underway. …

Scamlexity: When AI Agents Become the Target, Not Just the Human

Kirsten DoyleAugust 22, 20255 Mins Read

AI Browsers promise a future where an Agentic AI can handle your online life. From shopping to emails, they are…

Researchers Expose GPT-5 Jailbreak That Bypasses Safety Controls

Kirsten DoyleAugust 12, 20255 Mins Read

Cybersecurity researchers at two companies have uncovered a jailbreak technique that bypasses ethical guardrails set up by OpenAI in its…

Sploitlight: Spotlight Exploited to Bypass macOS TCC and Steal Apple Intelligence Data

Josh Breaker RolfeAugust 1, 20253 Mins Read

Security researchers at Microsoft have uncovered a critical macOS vulnerability, dubbed Sploitlight, that allows attackers to bypass Apple’s Transparency, Consent,…

“Clean to Factory State”: The AI Prompt That Nearly Wiped AWS Accounts

Kirsten DoyleJuly 29, 20255 Mins Read

Amazon has quietly disclosed a near-catastrophic AI security incident that, while not making headlines, should send chills through every cybersecurity…

Code Execution Through Deception: The Gemini AI CLI Hijack That Almost Went Unnoticed

Kirsten DoyleJuly 29, 20253 Mins Read

A newly discovered vulnerability in Google’s Gemini CLI, an AI-powered tool designed to help developers explore and write code from…

New Malware Tries and Fails to Fool AI Detection Tools

Josh Breaker RolfeJune 27, 20253 Mins Read

Cybersecurity researchers at Check Point Software have identified what may be the first ever attempt by malware to manipulate AI-based…