Dark Reading

Supply Chain Attack Secretly Installs OpenClaw for Cline Users

The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
The Hacker News

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.
The Hill

Iranian foreign minister warns of attacks on US bases if Washington strikes

Iran’s foreign minister said that Tehran would attack U.S. military bases if Washington conducts strikes in the Middle Eastern country, warning that “U.S. bases are spread all over the region.” “In my ...
Forbes

When AI Agents Turn Against You: The Prompt Injection Threat Every Business Leader Must Understand

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Prompt injection attacks can manipulate AI behavior in ways that traditional cybersecurity ...
MIT Technology Review

Rules fail at the prompt, succeed at the boundary

Why the first AI-orchestrated espionage campaign changes the agent security conversation Provided byProtegrity From the Gemini Calendar prompt-injection attack of 2026 to the September 2025 ...
Harvard Medical School

Why AI Keeps Falling for Prompt Injection Attacks

Bruce Schneier and Barath Raghavan explore why LLMs struggle with context and judgment and, consequently, are vulnerable to prompt injection attacks. These 'attacks' are cases where LLMs are tricked ...
CSOonline

Google Gemini flaw exposes new AI prompt injection risks for enterprises

A newly disclosed weakness in Google’s Gemini shows how attackers could exploit routine calendar invitations to influence the model’s behavior, underscoring emerging security risks as enterprises ...
Ars Technica

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...
Foreign Policy

Why a U.S. Attack on Iran Would Backfire

This issue is preventing our website from loading properly. Please review the following troubleshooting tips or contact us at [email protected]. By submitting your ...
Ars Technica

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do something bad. The platform introduces a guardrail that stops the attack from ...
Fox News

OpenAI admits AI browsers face unsolvable prompt attacks

Cybercriminals don't always need malware or exploits to break into systems anymore. Sometimes, they just need the right words in the right place. OpenAI is now openly acknowledging that reality. The ...
USA Today

FBI says it foiled 'potential terrorist attack' on New Year's Eve

The FBI announced it disrupted a "potential terrorist attack" planned at a grocery store on New Year's Eve in North Carolina. The suspect, 18-year-old Christian Sturdivant of Mint Hill, North Carolina ...