Claude Flaw Automatically Sends Malicious Prompts to AI Agents
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
Four vulnerabilities allow attackers to exploit Dify, a platform for AI application building and management, to silently access and exfiltrate sensitive data.
Attackers are using AI to dramatically reduce the time they need to develop a working exploit for a CVE, according to new research.
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.
The proof-of-concept exploit code runs only 10 lines long, but luckily, a patch is already available.
In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claude Mythos.
Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said.
Palo Alto Networks researchers show how attackers could exploit AI agents on Google's Vertex AI to steal data and break into restricted cloud infrastructure.
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data.
Forget stolen credentials and misconfigurations. Thanks to AI, the new top cause of compromises in the cloud is vulnerability exploits that beat patching cycles.
The "ZombieAgent" exploit makes use of ChatGPT's long-term memory and advanced capabilities.
In the React2Shell saga, non-working and trivial proof-of-concept exploits led to confusion and perhaps a false sense of security. Can the onslaught of PoCs be tamed?
Researchers utilized prompts and large language models to develop an open-source AI framework capable of generating both vulnerability exploits and patches.
Generating exploits with AI and large language models shrinks the time to target software flaws, giving security teams scant time to patch. Can enterprises adapt?
Zenity CTO Michael Bargury joins the Black Hat USA 2025 News Desk to discuss research on a dangerous exploit, how generative AI technology has "grown arms and legs" —and what that means for cyber risk.
A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data
The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images.
A server-side forgery (SSRF) bug in Microsoft's tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.