Microsoft incident responders publish a playbook for detecting prompt abuse in enterprise AI tools
Indirect prompt injection via URL fragments can manipulate AI outputs while evading traditional server-side visibility.
Notable developments across the security industry: law enforcement action, policy, events and vendor news.
66 reports
Indirect prompt injection via URL fragments can manipulate AI outputs while evading traditional server-side visibility.
Infostealer logs from 2024 allegedly expose Funnull backend access and a separate Gate.us compliance infiltration.
Veracode’s 2026 State of Software Security finds remediation capacity falling behind development velocity, with third-party components driving the longest-lived high-risk exposure.
In a significant development, the UK's National Crime Agency (NCA) has named Aleksandr Ryzhenkov as a key figure in the notorious Russian cybercrime group Evil Corp, while also identifying him as…
Hack.lu 2024 will take place from 22nd to 25th October in Luxembourg, showcasing the latest in cybersecurity innovation and research. Known for its wide range of topics, from malware analysis and…
In September 2024, U.S. authorities raised alarms over a significant threat that has been quietly gaining momentum this year— RansomHub , a ransomware-as-a-service (RaaS) platform that has been…
In **July 2024**, cybersecurity giant **CrowdStrike** faced a widespread **IT outage** that affected **over 8.5 million Windows systems** worldwide. This massive disruption was caused by a faulty…
In May 2024, Okta, a leading provider of identity and access management (IAM) solutions, reported a significant increase in credential stuffing attacks targeting its user base. These attacks,…
Mandiant has highlighted Russia and Iran as prominent state-sponsored cyber threats poised to disrupt the 2024 elections. Their tactics, often multilayered and complex, include data theft, DDoS…
IBM's recent announcement of acquiring HashiCorp for $6.4 billion underscores a significant shift in the cybersecurity landscape. This strategic acquisition aims to bolster IBM's capabilities in…
A new phishing campaign leveraging Autodesk Drive has come to light, targeting corporate users through seemingly legitimate PDF files. Cybersecurity experts at Netcraft have uncovered that…
The recent security breach at MITRE Corporation has raised significant concerns, given the organization's critical role in cybersecurity research and development. In January 2024, a…