CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
CSO Online

M365 Copilot SearchLeak: Your prompt injection attack surface just got bigger

Although not the first of its kind, researchers’ POC attack against Microsoft’s M365 Copilot Enterprise underscores parameter ...
CRN

ConnectWise ScreenConnect Vulnerability Exploited: CISA

The ConnectWise ScreenConnect vulnerability, which earlier this year was identified as a potential way for threat actors to perform ViewState code injection attacks, is now being exploited, according ...
Dark Reading

GitHub: How Code Provenance Can Prevent Supply Chain Attacks

GARTNER SECURITY & RISK MANAGEMENT SUMMIT — Washington, DC — Having awareness and provenance of where the code you use comes from can be a boon to prevent supply chain attacks, according to GitHub's ...
VentureBeat

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...
BizTech

Prompt Injection Attacks: The LLM Security Risk IT Leaders Must Address

Security leaders must adapt large language model controls such as input validation, output filtering and least-privilege access for artificial intelligence systems to prevent prompt injection attacks.
Research Snipers

Major attack on Arch Linux: massive malware injection into the AUR

Arch Linux continues to struggle with a large-scale malware wave in its user repository AUR (Arch User Repository). This is currently literally flooded with malware. The attack continues and becomes ...