CSOonline

Prompt injection flaws in GitLab Duo highlights risks in AI assistants

Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
Search Engine Land

Hidden prompt injection: The black hat trick AI outgrew

For a brief moment, hiding prompt injections in HTML, CSS, or metadata felt like a throwback to the clever tricks of early black hat SEO. Invisible keywords, stealth links, and JavaScript cloaking ...
CSOonline

Black Hat: Researchers demonstrate zero-click prompt injection attacks in popular AI agents

Researchers from Zenity have found multiple ways to inject rogue prompts into agents from mainstream vendors to extract sensitive data from linked knowledge sources. The number of tools that large ...