Researchers detail how a prompt injection attack bypassed Apple Intelligence protections

A now corrected issue let researchers circumvent Apple’s restrictions and force the on-device LLM to execute ...
SecurityWeek

Apple Intelligence AI Guardrails Bypassed in New Attack

“RSAC estimates that there were at least 200 million Apple Intelligence-capable devices in consumers’ hands as of December ...
MUO on MSN

Yes, you can get malware just by visiting a website

It's not even your browser's fault.

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axi…

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...
Cryptopolitan

Supply chain attack on Axios could compromise crypto wallets

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
HHS

How Prompt Injection Attacks Undermine AI Guardrails

Large language models are inherently vulnerable to prompt injection attacks, and no amount of hardening will ever fully close that gap. The imbalance between available attacks and available ...
Bloomberg L.P.

Iran Ups Attacks on Oil-Rich Saudi Arabia as War Rages On

Iran has stepped up attacks on Saudi Arabia in recent days, signaling it’s targeting the oil-rich kingdom more aggressively than earlier in the war. Tehran launched almost 100 drones at Saudi Arabia ...
TechRepublic

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

AI assistants are rapidly becoming a core part of workplace productivity, but new research suggests they may also introduce a previously overlooked phishing vector. Permiso researchers found that ...