A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...

While the shortest distance between two points is a straight line, a straight-line attack on a large language model isn't always the most efficient — and least noisy — way to get the LLM to do bad ...

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of malicious code.

AI-driven attacks leaked 23.77 million secrets in 2024, revealing that NIST, ISO, and CIS frameworks lack coverage for ...

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to ...

VLex's Vincent AI assistant, used by thousands of law firms worldwide, is vulnerable to AI phishing attacks that can steal ...

Malicious Chrome and Edge extensions collected browsing history, keystrokes and personal data from millions of users before Google and Microsoft removed them.

Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven ...

Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing malware and enabling ...

Several Microsoft applications designed specifically for the Apple macOS operating system are at risk of being subverted by malicious actors, according to research published by Cisco Talos. Talos ...

A step-by-step breakdown of the Trust Wallet browser extension hack, explaining how a routine update led to rapid wallet drains.

Microsoft Threat Intelligence has identified 3,000 ASP.NET keys disclosed in code documentation and repos that could be used in code injection attacks. Microsoft Threat Intelligence in December ...