Indirect prompt injection in Google Gemini enabled unauthorized access to meeting data

Miggo’s researchers describe the methodology as a form of indirect prompt injection leading to an authorization bypass. The ...
The Hacker News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...
CSOonline

Copilot diagrams could leak corporate emails via indirect prompt injection

A now patched flaw in Microsoft 365 Copilot let attackers turn its diagram tool, Mermaid, into a data exfiltration channel–fetching and encoding emails through hidden instructions in Office documents.
Infosecurity-magazine.com

Gemini Trifecta Highlights Dangers of Indirect Prompt Injection

Network defenders must start treating AI integrations as active threat surfaces, experts have warned after revealing three new vulnerabilities in Google Gemini. Tenable dubbed its latest discovery the ...
Infosecurity-magazine.com

HashJack Indirect Prompt Injection Weaponizes Websites

Security researchers have discovered a new indirect prompt injection vulnerability that tricks AI browsers into performing malicious actions. Cato Networks claimed that “HashJack” is the first ...
Redmond Magazine

Prompt Shields AI System Security for Azure OpenAI Now Available

Microsoft has launched Prompt Shields, a new security feature now generally available, aimed at safeguarding applications powered by Foundation Models (large language models) for its Azure OpenAI ...
Search Engine Roundtable

Prompt Injection Added To Bing Webmaster Guidelines

Bing added a new guideline to its Bing Webmaster Guidelines named Prompt Injection. A prompt injection is a type of cyberattack against large language models (LLMs). Hackers disguise malicious inputs ...