Tag: injection
-
The Register: Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales
Source URL: https://www.theregister.com/2025/09/26/salesforce_agentforce_forceleak_attack/ Source: The Register Title: Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales Feedly Summary: More fun with AI agents and their security holes A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers…
-
Embrace The Red: Cross-Agent Privilege Escalation: When Agents Free Each Other
Source URL: https://embracethered.com/blog/posts/2025/cross-agent-privilege-escalation-agents-that-free-each-other/ Source: Embrace The Red Title: Cross-Agent Privilege Escalation: When Agents Free Each Other Feedly Summary: During the Month of AI Bugs, I described an emerging vulnerability pattern that shows how commonly agentic systems have a design flaw that allows an agent to overwrite its own configuration and security settings. This allows the…
-
Microsoft Security Blog: Retail at risk: How one alert uncovered a persistent cyberthreat
Source URL: https://www.microsoft.com/en-us/security/blog/2025/09/24/retail-at-risk-how-one-alert-uncovered-a-persistent-cyberthreat/ Source: Microsoft Security Blog Title: Retail at risk: How one alert uncovered a persistent cyberthreat Feedly Summary: In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations. With 60% of retail companies reporting operational disruptions from cyberattacks and 43% experiencing breaches in the past year, the stakes…
-
The Register: Nearly half of businesses suffered deepfaked phone calls against staff
Source URL: https://www.theregister.com/2025/09/23/gartner_ai_attack/ Source: The Register Title: Nearly half of businesses suffered deepfaked phone calls against staff Feedly Summary: AI attacks on the rise A survey of cybersecurity bosses has shown that 62 percent reported attacks on their staff using AI over the last year, either by the use of prompt injection attacks or faking…
-
Slashdot: Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike’s
Source URL: https://it.slashdot.org/story/25/09/20/0542237/self-replicating-worm-affected-several-hundred-npm-packages-including-crowdstrikes Source: Slashdot Title: Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike’s Feedly Summary: AI Summary and Description: Yes Summary: The Shai-Hulud malware campaign has affected numerous npm packages, including those maintained by CrowdStrike, via the injection of malicious scripts designed to steal developer credentials and exfiltrate sensitive information. The campaign highlights…
-
Cloud Blog: Back to AI school: New Google Cloud training to future-proof your AI skills
Source URL: https://cloud.google.com/blog/topics/training-certifications/new-google-cloud-training-to-future-proof-ai-skills/ Source: Cloud Blog Title: Back to AI school: New Google Cloud training to future-proof your AI skills Feedly Summary: Getting ahead — and staying ahead — of the demand for AI skills isn’t just key for those looking for a new role. Research shows proving your skills through credentials drives promotion, salary…