Indirect Prompt Injection in Web Content Targets AI Agents
Zscaler found sites hiding prompt-injection text to manipulate AI agents into crypto payments
Zscaler is a cloud security platform that brokers access to applications and internet services, making its controls and flaws relevant to enterprise risk.
Search across headline titles and summaries.
Background for this topic.
Zscaler is a cloud-delivered security platform that routes users’ web, SaaS, and private-application traffic through policy enforcement points rather than relying solely on an enterprise network perimeter. Its functions can include a secure web gateway, cloud firewall, malware and phishing inspection, data-loss controls, and zero-trust access, which grants access to specific applications based on identity and device context instead of broad network connectivity.
Security coverage depends on correct identity policies, traffic steering, endpoint agents, application connectors, and integrations with directories and security tools. Vulnerabilities or misconfigurations in those components can expose internal applications, bypass inspection, or disrupt access; compromise of an administrative account or control plane could also change policies broadly. HTTPS inspection requires installed trust certificates and creates material privacy and compliance considerations, so organizations should limit decryption, protect logs, and define retention. Advisories under this tag may therefore concern the cloud service, client software, connectors, APIs, or dependent identity systems, and should be assessed alongside configuration review and access-control monitoring.
Weekly headline count for the current query.
Zscaler found sites hiding prompt-injection text to manipulate AI agents into crypto payments
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group
Zscaler analysts found critical vulnerabilities in 100% of enterprise AI systems, with 90% compromised in under 90 minutes
November 2025 saw cybersecurity giants like Palo Alto Networks, Bugcrowd and Zscaler invest in AI-powered security solutions
Zscaler estimates 239 malicious Android apps made it onto the official Play store over the past year
Palo Alto Networks, Cloudflare and Zscaler were also among confirmed victims of the attack
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data
Zscaler’s latest report finds 54.5% of IoT attacks target manufacturing, with the industry suffering more than three times the weekly attacks of other sectors
Zscaler has found more than 200 malicious apps on Google Play with over eight million installs
Zscaler warns of copycat attacks after revealing one ransomware victim paid $75m
Researchers from Zscaler ThreatLabz observed an uptick in the TeaBot Andoird banking Trojan, also known as Anatsa
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication
Zscaler’s ThreatLabz discovered malware spreading SpyNote RAT to Android and NjRAT/DCRat to Windows
A new threat actor has been observed by Zscaler distributing remote access Trojans (RATs) via online meeting lures
Large language models like ChatGPT and phishing kits have significantly contributed to the growth of phishing, Zscaler’s 2023 ThreatLabz Phishing Report claims
Zscaler reveals 20% increase in malicious use of encryption