Claude Flaw Automatically Sends Malicious Prompts to AI Agents
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandled memory files will continue to threaten AI systems.
Google has fixed a critical vulnerability that enabled attackers to add malicious instructions to common documents to exfiltrate sensitive corporate information.
While the cloud vulnerability was fixed prior to disclosure, the researcher who discovered it says it could have led to catastrophic attacks.
Chinese threat actors have been feeding off the same Ivanti RCE vulnerabilities we've known about since last year, partly thanks to complications in patching.
The now-fixed vulnerability involved a major travel services company that's integrated with dozens of airline websites worldwide.
The vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the latest patch.
The tech giant fixed privilege-escalation and model-exfiltration vulnerabilities in Vertex AI that could have allowed attackers to steal or poison custom-built AI models.
Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn't always the case.
Apache fixed a vulnerability in its OfBiz enterprise resource planning (ERP) framework last month, but attackers and researchers found a way around the patch.
The cybersecurity skills gap is making businesses more vulnerable, but it won't be fixed by upskilling high-potential recruits alone.
Researcher discovers vulnerabilities in the open source Web application, which were fixed in the latest Apache OpenMeeting update.
Newly disclosed RCE flaw in Cosmos DB's Jupyter Notebook feature highlights some of the weaknesses that can arise from emerging tech in the cloud-native and machine learning worlds.
Google patches a critical flaw in its Chrome browser, bringing its count of zero-day vulnerabilities fixed in 2022 to four.