Tootfinder


@metacurity@infosec.exchange
2026-01-05 14:05:09

After two glorious weeks off, Metacurity is back with a holiday round-up edition of the top infosec developments you should know, including
--Substation destruction and not cyber expertise likely led to Caracas power outages,
--Denmark says Russia was behind destructive cyberattacks,
--CISA staffers suspended after organizing polygraph test of acting director,
--Chinese cyberattacks on Taiwan jumped in 2025,
--OpenAI says prompt injection attack risks are here t…

@michabbb@social.vivaldi.net
2026-01-05 15:47:21

🔧 Prompt sensitivity testing - verify small phrasing changes don't break behavior (formal vs casual openings)
💰 Cost tracking built-in - use cheap model for conversation, smarter model for judging. Budget alerts at $5/month, run tests nightly not on every commit
🎓 Real catches: character breaks, premature agreement, prompt injection leaks, persona drift in long conversations

@Techmeme@techhub.social
2025-12-22 23:45:44

OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, including building an "LLM-based automated attacker" (Rebecca Bellan/TechCrunch)
techcrunch.com/2025/12/22/open

@offenenetze@chaos.social
2025-12-29 10:19:34

39C3: Security researcher hijacks AI coding assistants with prompt injection | heise online
heise.de/-11125630

@metacurity@infosec.exchange
2026-01-20 20:58:59

Prompt Injection Bugs Found in Official Anthropic Git MCP Server
infosecurity-magazine.com/news

@gwire@mastodon.social
2026-01-20 13:14:11

MCP all the things.
theregister.com/2026/01/20/ant

@Techmeme@techhub.social
2025-11-25 23:56:33

How an indirect prompt injection can manipulate Google's Antigravity IDE to invoke a malicious browser subagent and exfiltrate data; Google is working on a fix (PromptArmor)
promptarmor.com/resources/goog

@newsie@darktundra.xyz
2025-12-08 13:19:12

UK intelligence warns AI 'prompt injection' attacks might never go away therecord.media/prompt-injecti

Evidence that AI is normal technology includes AI systems that are good enough to be useful but not good enough to be trusted, continuing to require human oversight that limits productivity gains;
prompt injection and security vulnerabilities remain unsolved, constraining what agents can be trusted to do;
domain complexity continues to defeat generalization, and what works in coding doesn’t transfer to medicine, law, science;
regulatory and liability barriers prove high enou…

@migueldeicaza@mastodon.social
2026-01-15 03:15:07

In this world nothing can be said to be certain except death, taxes and an LLM that will dutifully exfiltrate your data via a hidden prompt:
promptarmor.com/resources/clau

@almad@fosstodon.org
2026-01-28 05:46:54

So many predictions saying how AI and crypto will converge this year, because agents need to pay.
I look forward to it. Merging a famous fractal scam industry (as meticulously documented by @…) with a technology that still hasn't taken even a stab at solving prompt injection (as meticulously documented by @…

@metacurity@infosec.exchange
2026-01-24 12:17:56

Happy Saturday! Metacurity offers our free and premium subscribers a weekly digest of the best long-form (and longish) infosec-related pieces we couldn't properly fit into our daily news crush.
This week's selection covers
--The untouchable hacker god who destroyed psychotherapy patients,
--AI prompt injection is an unsolvable problem,
--Deepfakes are messing up Canada's justice system,
--What the hack of Russia's Unified Military Registry revea…

@Techmeme@techhub.social
2025-11-24 20:35:48

Anthropic says Claude Opus 4.5 is "harder to trick with prompt injection than any other frontier model in the industry" but isn't "immune" to such attacks (Hayden Field/The Verge)
theverge.com/ai-artificial-int

@metacurity@infosec.exchange
2025-12-08 13:54:29

Check out today's Metacurity for the most critical infosec developments you might have missed over the weekend, including
--77,000-plus IP addresses are vulnerable to maximum severity React2Shell flaw,
--NCSC warns prompt injection threats might be forever,
--Apple and Google issue new spyware warnings,
--Apache Tika critical flaw allows XXE injection attacks,
--Japanese high school student accused of using ChatGPT to attack internet cafe chain,
--US is…