200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
BizTech

Prompt Injection Attacks: The LLM Security Risk IT Leaders Must Address

Security leaders must adapt large language model controls such as input validation, output filtering and least-privilege access for artificial intelligence systems to prevent prompt injection attacks.
Bleeping Computer

Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet

Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks. GoAnywhere MFT is a web-based ...
VentureBeat

Anthropic published the prompt injection failure rates that enterprise security teams have ...

Run a prompt injection attack against Claude Opus 4.6 in a constrained coding environment, and it fails every time, 0% success rate across 200 attempts, no safeguards needed. Move that same attack to ...
Fox News

OpenAI admits AI browsers face unsolvable prompt attacks

Cybercriminals don't always need malware or exploits to break into systems anymore. Sometimes, they just need the right words in the right place. OpenAI is now openly acknowledging that reality. The ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
ZDNet

Use an AI browser? 5 ways to protect yourself from prompt injections - before it's too late

Agentic AI browsers have opened the door to prompt injection attacks. Prompt injection can steal data or push you to malicious websites. Developers are working on fixes, but you can take steps to stay ...
ExtremeTech

OpenAI’s ChatGPT Atlas Browser Found Vulnerable to Prompt Injections

OpenAI's new ChatGPT Atlas web browser has a security flaw that lets attackers execute prompt injection attacks by disguising malicious instructions as URLs. The AI security firm NeuralTrust says the ...
CSOonline

Black Hat: Researchers demonstrate zero-click prompt injection attacks in popular AI agents

Researchers from Zenity have found multiple ways to inject rogue prompts into agents from mainstream vendors to extract sensitive data from linked knowledge sources. The number of tools that large ...
TechSpot

Google Gemini vulnerable to a stupidly easy prompt injection attack in Gmail AI summaries

AI first, security later: As GenAI tools make their way into mainstream apps and workflows, serious concerns are mounting about their real-world safety. Far from boosting productivity, these systems ...
PC World

Hackers can hide AI prompt injection attacks in resized images

“AI” tools are all the rage at the moment, even among users who aren’t all that savvy when it comes to conventional software or security—and that’s opening up all sorts of new opportunities for ...