Project Glasswing: what Mythos showed us
…That one thing might be a single complex feature, transitions across security boundaries, or a specific vulnerability class like command injections, where attacker input ends up being run as a shell command…
…This lets you inject secrets into requests outside the sandbox, so the agent never has access to them. This protects against exfiltration attacks. And sometimes internal services shouldn’t ever be exposed…
…And finally, we are collaborating with our research counterparts to explore solutions to potential exploits such as prompt injection in content and timing bypass.
…can’t be retained by third-party API providers, made vulnerable to model inversion attacks, or injected into agentic pipelines. You need air-gapped inference for tier-one sensitive workloads, differential privacy…
Interesting new research you may have heard of on attacking large audio language models. The attack is called AudioHijack and the part worth paying attention to is that adversarial clips built against open models transfe…
Hey HN! We're Dr. Kashyap Thimmaraju and Giuseppe Canale from Silicon Psyche. We've built Posture Sequence Analysis (PSA), a behavioural health monitor for LLMs and AI Agents. Why we built PSA: We built PSA because we wante…
…This creates a large privacy attack surface: plaintext prompts and logs may contain PII, medical/financial data, credentials; cloud memory stores can leak via retrieval, prompt injection, inversion, or misconfiguration; naïve mitigation…
…Automatically discover and label every LLM endpoint exposed to the internet, providing immediate visibility into your AI attack surface. Request validation: Prevent "AI-jacking" by blocking prompt injections and malicious inputs designed…
…of “sudo,” the Linux “superuser” command. OpenClaw is also worryingly vulnerable to “prompt injection” attacks, which aim to trick an LLM into ignoring its guardrails and doing things like leak…
…in the same May 11 TanStack attack, that some credential material was exposed, and that signing keys for Windows, macOS, iOS, and Android were impacted, prompting it to re-sign its apps…
…Finally, the model also shows significant improvement in agentic safety, meaning it's a lot better at recognizing and refusing prompt injection attacks when you're using it as an agent. Opus…
…Team agentic workflows and find points of exploitability and vulnerabilities like prompt injection, jailbreak, tool poisoning, and other custom attacks. Visualize the results on a dashboard and analyze risks. Apply pluggable…