Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.
Dark Reading

'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could threaten enterprise networks.
Nature

An enzyme inside the bacterial-cell membrane chops up viral DNA on entry

When a virus infects a bacterial cell, the viral genome is the first component to be fully injected into the cell, making it an ideal immune target. A bacterial enzyme anchored to the membrane ...
The Hacker News

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Direct Prompt Injection: How Attackers Manipulate LLM Input

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended boundaries.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?