Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...

Google says criminals used AI to build a working zero-day exploit for the first time

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its ...
TweakTown

Google finds hackers using AI to discover and develop a zero-day exploit for the first time for mass attacks

Google has not identified which LLM was used to develop the zero-day exploit, but has confirmed that its own Gemini AI was ...
Developer Tech

Google says AI helped build zero-day exploit targeting 2FA bypass

Google said it disrupted a planned mass exploitation campaign involving a Python zero-day exploit likely developed with AI.
The Hacker News

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...
The Hacker News

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...

Cybercriminals Are Making Powerful Hacking Tools With AI, Google Warns

Cybercriminals created a zero-day exploit with AI, the first example of artificial intelligence finding and hacking software ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...

There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...
Security Boulevard

How to Connect Custom AI Agents with Slack

Whether you want simple fire-and-forget alerts or full two-way control, here's how to securely wire your AI agent into Slack.