Infosecurity Magazine

Telegram-Based Millenium RAT Campaign Infects 60,000 Devices

A cheap, Telegram-controlled remote access trojan (RAT) dubbed Millenium RAT has infected over 60,000 Windows devices across ...

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...
Communications of the ACMOpinion

Hidden Prompts in Manuscripts Exploit AI-Assisted Peer Review

Moving forward requires coordinated technical, policy, and educational responses. An outright ban on AI in peer review, as is ...

AI may be good at finding security vulnerabilities, but it can't beat human stupidity

KETTLE AI commands all the headlines nowadays, but the biggest security story of the week is all about human laziness and poor password habits – just like the good old days. That said, AI is playing a ...
The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...
SecurityWeek

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Three recently patched Fortinet FortiSandbox vulnerabilities are being targeted in the wild, according to exploit ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
SecurityWeek

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

A vulnerability that can facilitate attacks on operational technology (OT) systems is being exploited in the wild ...
Dark Reading

Apple's MacOS Gap Lets Users Disable Security Tools

Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Infosecurity Magazine

LATAM Infrastructure Hit by Fortinet and Ivanti Exploits

Entry came mainly through internet-facing security appliances. The group kept tuned exploits for Fortinet FortiOS SSL-VPN ...