ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do ...

Microsoft Copilot AI attack took just a single click to compromise users - here's what we know

Security researchers Varonis have discovered Reprompt, a new way to perform prompt-injection style attacks in Microsoft ...

This 'ZombieAgent' zero click vulnerability allows for silent account takeover - here's what we know

In December 2025, a feature called Connectors finally moved out of beta and into general availability. This feature allows ...
The Register on MSN

OpenAI putting bandaids on bandaids as prompt injection problems keep festering

Happy Groundhog Day! Security researchers at Radware say they've identified several vulnerabilities in OpenAI's ChatGPT ...
Bleeping Computer

Severe SQL Injection Flaw Discovered in WordPress Plugin with Over 1 Million Installs

A WordPress plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database. The vulnerable plugin's ...
Bleeping Computer

PoC exploits released for critical bugs in popular WordPress plugins

Three popular WordPress plugins with tens of thousands of active installations are vulnerable to high-severity or critical SQL injection vulnerabilities, with proof-of-concept exploits now publicly ...
Threat Post

Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection

Fujitsu is stopping sales for its popular wireless keyboard after a researcher discovered it is vulnerable to keystroke injection attacks that could allow an adversary to take control of a victim’s ...