CSO Online

Prompt injection breaks today’s AI agents, study warns

Researchers say current AI agents fail to consistently resist prompt injection attacks, exposing enterprises to failures that ...

WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Google Chrome is warning developers that WebMCP tools can be used to manipulate and hijack AI agents. New guidance outlines ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.