Skip to content
The Nexus
DossierENTITY

prompt injection

Coverage of prompt injection in the Nexus archive.

Earliest in view: Apr 9 · 13:00 UTCMost recent: Jul 8 · 07:00 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 8 · 07:00 UTCARS TECHNICA
    Hackers can use 9 of the most popular AI tools to assemble massive botnets

    Hackers can exploit prompt injection vulnerabilities in 9 popular AI tools to create massive botnets. Large language models (LLMs) cannot distinguish between legitimate and malicious commands, allowing attackers to inject harmful instructions into emails or source code. Current 'push' attacks target individuals but are limited in scale due to the need to send injections directly to victims.

  • SECURITYJul 1 · 12:50 UTCMALWAREBYTES LABS
    BioShocking: when “gaming” AI agents is no longer a game

    BioShocking is an attack technique that manipulates AI-powered browsers into bypassing safety guardrails by immersing them in fictional scenarios, leading to the extraction of sensitive data like credentials. The method exploits how AI agents in 'agent mode' inherit user-authenticated contexts, making them vulnerable to goal-manipulation attacks that trick them into performing harmful actions.

  • SECURITYJun 3 · 12:01 UTCDARK READING
    Malicious Notifications Could Trick Google Gemini Users

    A prompt injection flaw in Google Gemini's voice assistant allowed attackers to hide malicious commands in notifications, enabling social engineering and other attacks. The vulnerability could trick users through deceptive notifications, exploiting the assistant's processing of input.

  • SECURITYMay 29 · 12:00 UTCTHE REGISTER
    ChatGPT blindly trusts browser content, turning the page into a payload

    A researcher discovered ChatGPT cannot distinguish between its own content and attacker-controlled Markdown from external sources, enabling prompt injection attacks that could inject phishing URLs or fake security alerts. The vulnerability, reported as 'ChatGPhish,' allows attackers to bypass desktop URL defenses via QR codes linking to attacker-controlled content, though it's unclear if OpenAI has fixed the issue.

  • TECHNOLOGYMay 28 · 20:29 UTCARS TECHNICA
    Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

    A developer added a hidden prompt injection to an open-source Java testing app, jqwik, to sabotage AI coding agents. The malicious line in version 1.10.0 instructed vulnerable AI tools to delete code and tests, sparking controversy over 'vibe coding' practices.

  • SECURITYMay 1 · 16:49 UTCCYBERSCOOP
    US government, allies publish guidance on how to safely deploy AI agents

    Cybersecurity agencies from the US, Australia, Canada, New Zealand, and the UK jointly issued guidance urging organizations to integrate autonomous AI systems into existing cybersecurity frameworks, highlighting risks like privilege overreach, design flaws, and behavioral unpredictability. The document emphasizes applying principles like zero trust and least-privilege access to mitigate threats from agentic AI in critical infrastructure and defense sectors.

  • SECURITYApr 21 · 20:02 UTCDECRYPT
    Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

    Google fixed a prompt injection vulnerability in its Antigravity AI coding tool, which could have allowed attackers to execute malicious commands despite existing safeguards. Researchers identified the flaw that bypassed security measures.

  • SECURITYApr 21 · 10:52 UTCDARK READING
    Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

    Google addressed a critical remote code execution (RCE) vulnerability in its AI-based Antigravity Tool. The flaw, a prompt injection vulnerability in an agentic AI product for filesystem operations, stemmed from a sanitization issue enabling sandbox escape and arbitrary code execution.

  • SECURITYApr 20 · 21:17 UTCCYBERSCOOP
    Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution

    Researchers at Pillar Security discovered a critical vulnerability in Google's Antigravity AI tool that allowed attackers to bypass secure mode protections, enabling remote code execution via prompt injection. The flaw, patched after a 53-day disclosure period, exploited native system tools to circumvent sandboxing, highlighting risks in agentic AI systems.

  • SECURITYApr 9 · 13:00 UTCTHE REGISTER
    Security researchers tricked Apple Intelligence into cursing at users. It could have been a lot worse

    Security researchers discovered a vulnerability in Apple Intelligence, allowing attackers to hijack the AI system via prompt injection. This could put millions of users at risk, though the situation could have been worse.

prompt injection · Dossier · The Nexus