This Microsoft Copilot AI attack took a single click to compromise users

Security researchers Varonis have discovered Reprompt, a new way to perform prompt-injection style attacks in Microsoft ...
SecurityWeek

New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data

The Reprompt Copilot attack bypassed the LLMs data leak protections, leading to stealth information exfiltration after the ...

OpenAI admits AI browsers face unsolvable prompt attacks

OpenAI develops automated attacker system to test ChatGPT Atlas browser security against prompt injection threats and cybercriminal risks.

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

CrowdStrike's 2025 data shows attackers breach AI systems in 51 seconds. Field CISOs reveal how inference security platforms ...

Microsoft patches single-click Copilot data stealing attack

The first Patch Tuesday (Wednesday in the Antipodes) for the year included a fix for a single-click prompt injection attack ...
CSO Online

ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents

Security researchers from Radware have demonstrated techniques to exploit ChatGPT connections to third-party apps to turn ...

IBM's AI 'Bob' could be manipulated to download and execute malware

Recently, security researchers Prompt Armor published a new report, stating that IBM’s coding agent, which is currently in ...
Infosecurity Magazine

New Zero-Click Attack Lets ChatGPT User Steal Data

Recently, OpenAI extended ChatGPT’s capabilities with user-oriented new features, such as ‘Connectors,’ which allows the ...
Opinion
Security BoulevardOpinion

We’re Moving Too Fast: Why AI’s Race to Market Is a Security Disaster

The recently disclosed ServiceNow vulnerability should terrify every CISO in America. CVE-2025-12420, dubbed “BodySnatcher,” represents everything wrong ...
Dark Reading

ChatGPT's Memory Feature Supercharges Prompt Injection

That's according to researchers from Radware, who have created a new exploit chain it calls "ZombieAgent," which demonstrates ...
Forbes

‘It May Be Worse’—No Fix For New Google Chrome Attacks

Welcome to the future — but be careful. “Billions of people trust Chrome to keep them safe,” Google says, adding that "the primary new threat facing all agentic browsers is indirect prompt injection.” ...
Security Boulevard

Vulnerability in Anthropic’s Claude Code Shows Up in Cowork

PromptArmor threat researchers uncovered a vulnerability in Anthropic's new Cowork that already was detected in the AI company's Claude Code developer tool, and which allows a threat actor to trick ...