Researchers detail how a prompt injection attack bypassed Apple Intelligence protections

A now corrected issue let researchers circumvent Apple’s restrictions and force the on-device LLM to execute attacker-controlled actions.
SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

The Google API keys, all using the ‘AIza…’ format, can be abused for retroactive privilege escalation: a key that a developer ...
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
Enterprise News on MSN

Stoughton med spa owner admits to injecting clients with fake Botox

Rebecca Fadanelli injected hundreds of unsuspecting clients with fake drugs, all while falsely claiming to be a nurse, ...

Your Pixel can now use your apps for you, and yes, it's as bizarre as it sounds

In 2024, devices like the Humane AI Pin and the Rabbit R1 were selling the idea that AI could navigate apps and services for ...
SecurityWeek

Apple Intelligence AI Guardrails Bypassed in New Attack

“RSAC estimates that there were at least 200 million Apple Intelligence-capable devices in consumers’ hands as of December ...

Major Google Bug Triggers Gemini AI Leak in Google Pay for Business, Oyo Hotels and Other Apps: Report

For end users, this means any data shared with Gemini, such as documents, images, or audio, and stored in the Files API, can ...