Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
TMCnet

Snyk Adds Agentic Development Security to its AI Security Platform: The Enforcement Layer for the AI Agents Now Building Enterprise Software

Snyk, the AI security company, today announced Evo Agentic Development Security (ADS), extending security coverage to the AI workforce powering modern software development. Evo ADS secures how ...
techtimes

GitHub Copilot CLI Adds Pre-Commit Security Scanner: LLM Inference at the Detection Layer

GitHub shipped /security-review — a dedicated slash command for GitHub Copilot CLI — on Wednesday, putting AI-driven vulnerability scanning inside the terminal for the first time as an experimental ...
The Hacker News

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

AryStinger malware has infected 4,300 Realtek RTL819X routers, using old CVEs to scan targets, tunnel traffic, and hide ...
Biometric Update

New spying threats force rethink of biometric identity checks

The effort to make identity more trustworthy may therefore expand the surveillance capabilities built into ordinary ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...

97% Of LLMS.txt Files Got No Requests, Ahrefs Data Shows

Ahrefs analyzed 137K domains and found 97% of llms.txt files received zero requests. AI retrieval bots accounted for 1% of ...
techtimes

Anthropic AI Vulnerability Scanner in Enterprise Beta: IBM Joins Glasswing After 10,000 Flaws Found

Anthropic opened Claude Security to public beta for all Claude Enterprise customers on April 30, giving engineering teams an AI-powered codebase scanner that identifies vulnerabilities without ...

Mitiga Labs Launches Skillgate to Detect Risks in AI Agent Skills and Configurations

The free scanner detects, flags, and scores attack techniques hidden in AI agent skills, hooks, and configuration files before an agent acts on themNEW YORK--(BUSINESS WIRE)--Mitiga, the leader in ...

OrcaRouter Releases AI Threat Report 2026 and Makes Its Security Controls Free Amid Rise in Prompt-Injection Attacks

OrcaRouter, the OpenAI-compatible LLM gateway, today published The AI Threat Report 2026 and made two of its security controls available at no cost to all users: the agent Firewall and input/output ...