7 threats in this category
Unit 42 discovered agent session smuggling, a technique where malicious AI agents exploit the Agent2Agent (A2A) protocol's stateful nature to inject covert instructions into victim agents. What's fasc…
Category: Threat Intelligence / AI Security / AI Security
Synack breaks down agentic AI in pentesting, contrasting it with standard LLMs. What's interesting: agents can autonomously chain tools (nmap→hashcat→curl), learn from results, and adapt—going beyond …
Category: Research & Analysis / AI Security
OpenAI released Aardvark, a ChatGPT-5-powered security model that automates bug hunting, patching, and remediation. What's different: it doesn't rely on traditional techniques like fuzzing or SCA—inst…
Category: Research & Analysis / AI Security
Microsoft published analysis of critical GenAI threats facing organizations. What's concerning: 66% of orgs are developing custom GenAI apps, 88% worry about indirect prompt injection, 80% cite data l…
Category: Research & Analysis / AI Security
As enterprises adopt generative AI and autonomous systems, secure-by-design principles are essential to prevent data leaks, model theft, and adversarial manipulation. This analysis emphasizes zero-tru…
Category: Artificial Intelligence / Strategy / AI Security
Tenable disclosed a prompt-injection issue affecting Windsurf where malicious filenames can steer model-agent tools (e.g., read_url_content) into executing unintended actions unless user approval is e…
Category: Industry News / Research & Tools / AI Security
Synack outlines a human-validated model for agentic AI in penetration testing: agents accelerate breadth (enumeration, fuzzing, known-bad checks, clustering) while researchers deliver assurance (repro…
Category: Industry News / Research & Tools / AI Security