Opinion

IBM's AI agent Bob easily duped to run malware, researchers show

That's apparently the case with Bob. IBM's documentation, the PromptArmor Threat Intelligence Team explained in a writeup provided to The Register, includes a warning that setting high-risk commands ...
Security Boulevard

Best of 2025: Indirect prompt injection attacks target common LLM data sources

While the shortest distance between two points is a straight line, a straight-line attack on a large language model isn't always the most efficient — and least noisy — way to get the LLM to do bad ...
CSO Online

Top 5 real-world AI security threats revealed in 2025

Security researchers uncovered a range of cyber issues targeting AI systems that users and developers should be aware of — ...

OpenAI warns AI browsers may never be fully secure; says prompt injection may never be solved

ChatGPT- maker OpenAI has now cautioned that AI browsers including its recently launched ChatGPT Atlas agent, may never be ...
The Hacker News

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

AI-driven attacks leaked 23.77 million secrets in 2024, revealing that NIST, ISO, and CIS frameworks lack coverage for ...
CSO Online

Top cyber threats to your AI systems and infrastructure

From data poisoning to prompt injection, threats against enterprise AI applications and foundations are beginning to move from theory to reality.

What Happens When AI at Airports Fails? New 'Auditable Autonomy' Could Prevent Disaster

As AI becomes more embedded in mission-critical infrastructure, unverifiable autonomy is no longer sustainable. Businesses, ...

OpenAI says prompt injections that can trick AI browsers like ChatGPT Atlas may never be fully ‘solved’—experts say risks are ‘a feature not a bug’

“Prompt injection, much like scams and social engineering on the web, is unlikely to ever be fully ‘solved,'” OpenAI wrote in a blog post Monday, adding that “agent mode” in ChatGPT Atlas “expands the ...

Radware Unveils “ZombieAgent”: A Newly Discovered Zero-Click, AI Agent Vulnerability Enabling Silent Takeover and Cloud-Based Data Exfiltration

Radware ® (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, today announced the discovery of ZombieAgent, a new zero-click indirect prompt ...
The Daily Star

AI browsers may have an incurable vulnerability, warns OpenAI

OpenAI has recently stated in an official blog that AI agents designed to operate web browsers may always be vulnerable to a specific type of attack known as "prompt injection", framing it as a ...
Techlicious

OpenAI Confirms AI-Powered Browsers Leave You Vulnerable to Hackers

So-called prompt injections can trick chatbots into actions like sending emails or making purchases on your behalf. OpenAI ...

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as ...