Researchers from Zenity have found multiple ways to inject rogue prompts into agents from mainstream vendors to extract ...

Not a very smart home: crims could hijack smart-home boiler, open and close powered windows and more. Now fixed ...

Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed ...

A prompt injection attack using calendar invites can be used for real-world effects, like turning off lights, opening window ...

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and ...

Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.

Critical flaw in new tool could allow attackers to steal data at will from developers working with untrusted repositories.

A new theoretical attack described by researchers with LayerX lays out how frighteningly simple it would be for a malicious or compromised browser extension to intercept user chats with LLMs and ...

Researchers bypass GPT-5 guardrails using narrative jailbreaks, exposing AI agents to zero-click data theft risks.

Google is aware that its Gemini AI chatbot can sometimes castigate itself harshly for failing to solve a problem and plans to ...

OpenAI's ChatGPT can easily be coaxed into leaking your personal data — with just a single "poisoned" document. As Wired ...

Zenity shows AI assistants such as ChatGPT, Copilot, Cursor, Gemini, and Salesforce Einstein can be abused using specially ...