News

CSO Online18h
Black Hat: Researchers demonstrate zero-click prompt injection attacks in popular AI agents
Researchers from Zenity have found multiple ways to inject rogue prompts into agents from mainstream vendors to extract ...
Infosec hounds spot prompt injection vuln in Google Gemini apps
Not a very smart home: crims could hijack smart-home boiler, open and close powered windows and more. Now fixed ...
The Hacker News2h
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
Researchers bypass GPT-5 guardrails using narrative jailbreaks, exposing AI agents to zero-click data theft risks.
A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT
Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed ...
Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home
For likely the first time ever, security researchers have shown how AI can be hacked to create real world havoc, allowing ...
Hackers can control smart homes by hijacking Google’s Gemini AI
A prompt injection attack using calendar invites can be used for real-world effects, like turning off lights, opening window ...
Poisoned calendar invite shows just how easily Gemini can be tricked to hijack your smart home
Researchers used a calendar invite to make Gemini control lights, windows, and more in a real-world smart home hack.
Get Ready, the AI Hacks Are Coming
The hack, laid out in a paper titled “Invitation Is All You Need!”, the researchers lay out 14 different ways they were able ...
Beware of promptware: How researchers broke into Google Home via Gemini
Researchers demonstrated a way to hack Google Home devices via Gemini. Keeping your devices up-to-date on security patches is ...
This is how malicious hackers could exploit Gemini AI to control a smart home.
This Wired article shows how an indirect prompt injection attack against a Gemini-powered AI assistant could cause the bot to ...
Researchers design “promptware” attack with Google Calendar to turn Gemini evil
The promptware attack begins with a calendar appointment containing a description that is actually a set of malicious ...
CSO Online10d
Google patches Gemini CLI tool after prompt injection flaw uncovered
Critical flaw in new tool could allow attackers to steal data at will from developers working with untrusted repositories.