Cyber Defense Magazine

Prompt Injection and Model Poisoning: The New Plagues of AI Security

You wake up. Your AI wakes up. Somewhere, a stranger types a sentence, and your AI listens. This is not science fiction. This ...

‘Gemini Trifecta’ vulnerabilities in Google AI highlight risks of indirect prompt injection

What makes the Gemini Trifecta particularly interesting is the reliance on indirect prompt injection. Unlike obvious ...
The Hacker News

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial ...

Critical WD My Cloud bug allows remote command injection

Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability ...
The Hacker News

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

ForcedLeak flaw in Salesforce Agentforce allows data exfiltration via indirect prompt injection; Salesforce issues patch.
Infosecurity Magazine

Gemini Trifecta Highlights Dangers of Indirect Prompt Injection

The first indirect prompt injection vulnerability affects Gemini Cloud Assist: a tool designed to help users understand ...
SecurityWeek

Organizations Warned of Exploited Sudo Vulnerability

CISA warned that a recently patched local privilege escalation vulnerability in Sudo has been exploited in the wild.
CSO Online

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based ...
Infosecurity Magazine

Critical Vulnerability in Salesforce AgentForce Exposed

A critical vulnerability chain in Salesforce's AI-powered AgentForce platform has been discovered by cybersecurity researchers. The flaw, known as ForcedLeak, carried a severity score of 9.4 and could ...