This 'ZombieAgent' zero click vulnerability allows for silent account takeover - here's what we know

In December 2025, a feature called Connectors finally moved out of beta and into general availability. This feature allows ...
IEEE

Mitigating Input Prompt Attack Vulnerabilities in Systems with a Language Model Interface

Abstract: The article is devoted to the study of the cybersecurity vulnerabilities in systems utilizing Language Model Interfaces, particularly focusing on the challenges and solutions in constructing ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt ...
ZDNet

How OpenAI is defending ChatGPT Atlas from attacks now - and why safety's not guaranteed

OpenAI built an "automated attacker" to test Atlas' defenses. The qualities that make agents useful also make them vulnerable. AI security will be a game of cat and mouse for a long time. OpenAI is ...
Gizmodo

OpenAI’s Outlook on AI Browser Security Is Bleak, but Maybe a Little More AI Can Fix It

As OpenAI and other tech companies keep working towards developing agentic AI, they’re now facing some new challenges, like how to stop AI agents from falling for scams. OpenAI said on Monday that ...
eWeek

OpenAI Steps Up Security as ChatGPT Atlas Faces Ongoing Prompt Injection Threats

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
IEEE

An Injection-Locked-Oscillation-Based SIW Shorted Coaxial-Line Active Sensor for Detecting the MNPs Content in Water-Based Ferrofluid

Abstract: A novel shorted coaxial-line resonator (SCR) in substrate-integrated waveguide (SIW) configuration is integrated with a negative resistance circuit (NRC) to implement an ultrahigh Q-factor ...
EurekAlert!

Vulnerability of large language models to prompt injection when providing medical advice

About The Study: In this quality improvement study using a controlled simulation, commercial large language models (LLM’s) demonstrated substantial vulnerability to prompt-injection attacks (i.e., ...
GitHub

Lightweight prompt injection detection for LLM applications

Vard is a TypeScript-first prompt injection detection library. Define your security requirements and validate user input with it. You'll get back strongly typed, sanitized data that's safe to use in ...
Bleeping Computer

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ...