Security Boulevard

Best of 2025: Indirect prompt injection attacks target common LLM data sources

While the shortest distance between two points is a straight line, a straight-line attack on a large language model isn't always the most efficient — and least noisy — way to get the LLM to do bad ...
MediaNama

Explained: How Prompt Injections Put AI Browsers Like ChatGPT Atlas At Risk

Read how prompt injection attacks can put AI-powered browsers like ChatGPT Atlas at risk. And what OpenAI says about combatting them.
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...
New York Post

Churchgoing woman suffered severe burns in random toxic chemical attack while walking at park

A Georgia woman suffered severe burns to her face and body after being doused with a toxic chemical in a random attack while she was strolling through a park — and her sadistic assailant is still on ...
CBSSports.com

Chelsea's Champions League attacking woes explained: Why Enzo Maresca's side have so few attacking chances

On the surface level, Chelsea's 2-1 defeat in Bergamo on Tuesday had the look of one inflicted on them by Enzo Maresca making the wrong adjustments at the back end of the pitch. A midfield of right ...
The Record

UK intelligence warns AI 'prompt injection' attacks might never go away

Security experts working for British intelligence warned on Monday that large language models may never be fully protected from “prompt injection,” a growing type of cyber threat that manipulates AI ...
The New York Times

Video of Boat Strike Shows Survivors Waving Before Fatal Follow-Up Attack

The new detail further complicates the military’s explanations for its actions during the Sept. 2 strike in the Caribbean Sea. By Julian E. Barnes and Charlie Savage Reporting from Washington The two ...
The Hacker News

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The ...
IEEE

An Extended False Data Injection Attack via Deep Reinforcement Learning: Attack Model and Countermeasures in Cyber-Physical Power Systems

Abstract: False data injection attacks are commonly used to evade the bad data detector in cyber-physical power systems. This paper proposes an extended attack strategy and a deep reinforcement ...
The New York Times

The Furor Over Trump’s Boat Attacks and a Particular Follow-Up Strike, Explained

Bipartisan congressional oversight is underway, but for now is focusing on narrow details about one missile instead of broader legal issues. news analysis Bipartisan congressional oversight is ...