The Register on MSN

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Prompt injection for the win Anthropic has fixed three bugs in its official Git MCP server that researchers say can be ...
The Register on MSN

Contagious Claude Code bug Anthropic ignored promptly spreads to Cowork

Office workers without AI experience warned to watch for prompt injection attacks - good luck with that Anthropic's tendency ...
Security Boulevard

Vulnerability in Anthropic’s Claude Code Shows Up in Cowork

PromptArmor threat researchers uncovered a vulnerability in Anthropic's new Cowork that already was detected in the AI company's Claude Code developer tool, and which allows a threat actor to trick ...
The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...
Bleeping Computer

CISA flags Craft CMS code injection flaw as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high ...
Security

Add 'Prompt' to the Long List of Injection Attacks

Injection attacks have been around a long time and are still one of the most dangerous forms of attack vectors used by cybercriminals. Injection attacks refer to when threat actors “inject” or provide ...
Semiconductor Engineering

A Novel Attack For Depleting DNN Model Inference With Runtime Code Fault Injections

A technical paper titled “Yes, One-Bit-Flip Matters! Universal DNN Model Inference Depletion with Runtime Code Fault Injection” was presented at the August 2024 USENIX Security Symposium by ...