This Microsoft Copilot AI attack took a single click to compromise users

Security researchers Varonis have discovered Reprompt, a new way to perform prompt-injection style attacks in Microsoft ...
SecurityWeek

New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data

The Reprompt Copilot attack bypassed the LLMs data leak protections, leading to stealth information exfiltration after the ...

OpenAI admits AI browsers face unsolvable prompt attacks

OpenAI develops automated attacker system to test ChatGPT Atlas browser security against prompt injection threats and ...

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

CrowdStrike's 2025 data shows attackers breach AI systems in 51 seconds. Field CISOs reveal how inference security platforms ...
CSO Online

ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents

Security researchers from Radware have demonstrated techniques to exploit ChatGPT connections to third-party apps to turn ...

Microsoft patches single-click Copilot data stealing attack

The first Patch Tuesday (Wednesday in the Antipodes) for the year included a fix for a single-click prompt injection attack ...

IBM's AI 'Bob' could be manipulated to download and execute malware

Recently, security researchers Prompt Armor published a new report, stating that IBM’s coding agent, which is currently in ...
Computing

Single-click attack targeting Copilot users, researchers warn

Cybersecurity researchers have uncovered a new form of attack that hackers could leverage to steal sensitive information from ...
Infosecurity Magazine

New Zero-Click Attack Lets ChatGPT User Steal Data

Recently, OpenAI extended ChatGPT’s capabilities with user-oriented new features, such as ‘Connectors,’ which allows the ...
Opinion
Security BoulevardOpinion

We’re Moving Too Fast: Why AI’s Race to Market Is a Security Disaster

The recently disclosed ServiceNow vulnerability should terrify every CISO in America. CVE-2025-12420, dubbed “BodySnatcher,” represents everything wrong ...
Forbes

‘It May Be Worse’—No Fix For New Google Chrome Attacks

Welcome to the future — but be careful. “Billions of people trust Chrome to keep them safe,” Google says, adding that "the primary new threat facing all agentic browsers is indirect prompt injection.” ...
Dark Reading

ChatGPT's Memory Feature Supercharges Prompt Injection

That's according to researchers from Radware, who have created a new exploit chain it calls "ZombieAgent," which demonstrates ...