New BioShocking attack manipulates AI browser into data theft

A new prompt injection attack dubbed "BioShocking" could trick AI-powered browsers into treating real-world risky actions as ...

New attack provides one more reason why AI browsers are a bad idea

Makers of AI browsers make lofty promises. With a single prompt, users can ask one to find a restaurant in a particular part ...

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

In 2025 and 2026, several independent sources have highlighted the same trend: Prompt injection remains one of the most ...
Biometric Companies

2026 Injection Attack Detection Market Report and Buyer’s Guide

This 50-page 2026 Injection Attack Detection Market Report and Buyers Guide from Biometric Update and Goode Intelligence explores how injection attacks are evolving alongside generative AI, remote ...
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Tom's Hardware on MSN

Hades malware campaign now tricks AI bots by injecting text about biological and nuclear weapons

This is probably the dictionary illustration for "deceptively simple." ...
Yahoo

Police fire water cannon on second night of anti-immigrant protests in Northern Ireland

Add Yahoo as a preferred source to see more of our stories on Google. PA Media via Getty Images Police in Northern Ireland deployed water cannons as anti-immigrant protests entered their second night ...