Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.
SecurityWeek

Fresh SolarWinds Vulnerability Exploited in Attacks

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.
Infosecurity Magazine

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.

The rise of Moltbook suggests viral AI prompts may be the next big security threat

History may soon repeat itself with a novel new platform: networks of AI agents carrying out instructions from prompts and sharing them with other AI agents, which could spread the instructions ...
Security Boulevard

MCP security: How to prevent prompt injection and tool poisoning attacks

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...
Security Boulevard

Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...
Network World

F5 tackles AI security with new platform extensions

F5's Guardrails blocks prompts that attempt jailbreaks or injection attacks, and its AI Red Team automates vulnerability discovery in AI systems.
SiliconANGLE

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...
InfoWorld

Building AI agents the safe way

The best defense against prompt injection and other AI attacks is to do some basic engineering, test more, and not rely on AI to protect you. If you want to know what is actually happening in ...
EurekAlert!

Vulnerability of large language models to prompt injection when providing medical advice

About The Study: In this quality improvement study using a controlled simulation, commercial large language models (LLM’s) demonstrated substantial vulnerability to prompt-injection attacks (i.e., ...
Lifehacker

ChatGPT's AI Browser Has a Nasty Security Vulnerability

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...
GitHub

A SQL Injection vulnerability has been found in Epsilon...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack Vector: This metric reflects the context by which vulnerability ...