Mar 19, 2026 • Vulnerability | #Model Context Protocol (MCP) #Indirect Prompt Injection #Large Language Models (LLM)

AI Conundrum: Why MCP Security Can't Be Patched Away - Dark Reading

Architectural vulnerabilities within Large Language Model (LLM) environments integrated with the Model Context Protocol (MCP) enable attackers to embed maliciou...

Read Analysis →

Mar 13, 2026 • Vulnerability | #Prompt Injection #LLM #Indirect Prompt Injection

OpenAI Acquires Promptfoo to Strengthen LLM Security Testing - thelec.net

Prompt injection attacks, particularly indirect prompt injection, pose critical enterprise security vulnerabilities by allowing attackers to manipulate Large La...

Read Analysis →

Mar 03, 2026 • Vulnerability | #Indirect Prompt Injection #AI Agents #Web-Based

Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild - Unit 42

The Unit 42 article details the real-world observation of web-based indirect prompt injection attacks targeting AI agents. This exploit involves manipulating AI...

Read Analysis →

Jan 08, 2026 • Data Leak | #ZombieAgent #Indirect Prompt Injection #ChatGPT

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues - Ars Technica

The ZombieAgent attack, a bypass of the earlier ShadowLeak exploit, leverages an indirect prompt injection vulnerability in ChatGPT to achieve character-by-char...

Read Analysis →

Nov 06, 2025 • Vulnerability | #Indirect Prompt Injection #Large Language Models #AI Supply Chain Security

Securing Intelligence: Why AI Security Will Define the Future of Trust - cfr.org

Critical vulnerabilities in AI systems include structural flaws in AI-generated code and the ability to establish backdoors in large language models using minim...

Read Analysis →

Nov 05, 2025 • Vulnerability | #Indirect Prompt Injection #ChatGPT #Data Exfiltration

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data - The Hacker News

Cybersecurity researchers have disclosed seven new vulnerabilities in OpenAI's GPT-4o and GPT-5 models, enabling indirect prompt injection attacks. These e...

Read Analysis →

Nov 04, 2025 • Data Leak | #Indirect Prompt Injection #Claude AI #Data Exfiltration

Hackers Turn Claude AI Into Data Thief With New Attack - eSecurity Planet

A novel indirect prompt injection attack allows threat actors to compromise Anthropic's Claude AI Code Interpreter, leveraging its network features to exfi...

Read Analysis →

Oct 31, 2025 • Vulnerability | #Indirect Prompt Injection #Code Interpreter #Data Exfiltration

Claude AI vulnerability exposes enterprise data through code interpreter exploit - csoonline.com

A vulnerability in Anthropic's Claude AI allows attackers to leverage indirect prompt injection against its code interpreter feature. This exploit enables ...

Read Analysis →

Oct 09, 2025 • Vulnerability | #Indirect Prompt Injection #Remote Code Execution #Agentic AI

From Assistant to Adversary: Exploiting Agentic AI Developer Tools - NVIDIA Developer

Attackers can achieve remote code execution (RCE) on developer machines by leveraging indirect prompt injection against agentic AI developer tools. This is acco...

Read Analysis →

Oct 08, 2025 • Vulnerability | #Indirect Prompt Injection #Command Injection #Remote Code Execution

How Your AI Chatbot Can Become a Backdoor - TrendMicro

An advanced attack chain exploits an LLM chatbot through indirect prompt injection (OWASP LLM01:2025) to achieve system prompt leakage and abuse excessive agenc...

Read Analysis →

Sep 25, 2025 • Data Leak | #Indirect Prompt Injection #Agentforce #ForcedLeak

Salesforce AI Agents Forced to Leak Sensitive Data - Dark Reading | Security

Researchers discovered "ForcedLeak," a critical indirect prompt injection vulnerability (CVSS 9.4) within Salesforce's Agentforce AI platform. Th...

Read Analysis →

Aug 20, 2025 • Vulnerability | #Indirect Prompt Injection #Perplexity Comet #Cross-domain access

Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet - Brave

A critical indirect prompt injection vulnerability was discovered in Perplexity's Comet AI assistant, allowing malicious instructions hidden in webpage con...

Read Analysis →

May 23, 2025 • Vulnerability | #Indirect Prompt Injection #GitLab Duo #Source Code Exfiltration

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts - The Hacker News

A critical indirect prompt injection vulnerability was discovered in GitLab Duo Chat, an AI-powered coding assistant, allowing attackers to embed hidden instruc...

Read Analysis →

May 13, 2025 • Vulnerability | #Indirect Prompt Injection #Multi-modal AI #Data Exfiltration

Unveiling AI Agent Vulnerabilities Part III: Data Exfiltration - www.trendmicro.com

This article details how indirect prompt injection exploits multi-modal AI agents by embedding malicious instructions within innocuous images or documents, lead...

Read Analysis →

May 13, 2025 • Data Leak | #Indirect Prompt Injection #Multi-modal AI Agents #Data Exfiltration

Unveiling AI Agent Vulnerabilities Part III: Data Exfiltration - TrendMicro

Multi-modal AI agents are susceptible to indirect prompt injection, where hidden instructions in external sources like images or documents can trigger sensitive...

Read Analysis →