All news with #prompt security tag

📎 Modern phishing now prioritizes speed over persuasion. By forcing immediate downloads via trusted cloud providers (for example Dropbox?s dl=1), attackers remove the preview step and exploit double extensions and hidden OS behavior to disguise executables. Cortex Email Security applies deep static analysis, behavioral signals, and LLM-based intent classification to detect forced-download parameters, identity-bound cloaking, and rotating social-engineering lures before they reach endpoints.

🔐 Google outlines a continuous, layered approach to mitigating indirect prompt injection (IPI) across Workspace with Gemini, combining proactive discovery, synthetic data generation, and iterative defenses. Human and automated red-teaming, an AI Vulnerability Rewards Program, and OSINT monitoring are used to catalog and expand attack variants. Deterministic configuration controls, ML retraining, LLM prompt hardening, and model-level defenses are validated through comparative testing to reduce IPI success while preserving routine performance.

🔒 Enterprise AI guardrails meant to prevent misuse are increasingly blocking legitimate defensive activity, creating an asymmetry that favors attackers. Widely deployed, enterprise-approved models often refuse realistic phishing simulations, exploit proofs-of-concept, or multi-step red-team scenarios once prompts resemble real-world attacks. Attackers evade these limits using jailbroken models, open-source deployments, fine-tuning, and underground toolkits. The article calls for authorization-based access, purpose-built security sandboxes, and vetting workflows so safety controls protect against misuse without crippling defenders.

⚠️Microsoft warns that legitimate companies are embedding hidden instructions in 'Summarize with AI' buttons to bias chatbot memory and recommendations. The Defender Security Research Team calls this AI Recommendation Poisoning, finding more than 50 distinct prompts from 31 firms across 14 industries that attempt to make assistants 'remember' and favor a source in future conversations. The technique uses prefilled URL parameters and turnkey tools like CiteMET, and Microsoft advises users and organizations to audit assistant memory, avoid untrusted AI links, hover over AI buttons, and hunt for suspicious prompt keywords.

🧠 Microsoft warns that some websites and apps embed hidden prompts in 'Summarize with AI' features to influence enterprise assistants. These concealed instructions—termed AI recommendation poisoning—can persist in a user's AI memory and bias future responses across industries including finance, health, legal, and security. Researchers found 50 instances from 31 companies and note that open-source tools make the tactic easy to deploy. Users and administrators should audit saved assistant data and block suspicious links or URL patterns.

🔒 Most security leaders assume they know where sensitive data resides, but rapid AI adoption has created a new exposure surface in AI inference traffic. Prompts often contain source code, contracts, PII and proprietary workflows that flow through application layers, logs and third‑party services without classification or adequate controls. Traditional protections — transport encryption, legacy DLP and standard logging practices — frequently fail to prevent prompt leakage, producing an often invisible and growing enterprise risk.

🔒 OpenClaw is an open-source, agentic AI assistant that can run locally or on servers, connect to LLMs and external APIs, and autonomously perform actions such as sending email or controlling browsers. Its local storage of config and broad access (files, terminals, sometimes root) makes misconfigured deployments attractive as backdoors. CrowdStrike observed rapid adoption and internet-exposed instances, and recommends discovery, runtime guardrails, and automated removal integrated into detection workflows.

🔒 A recent analysis by koi.ai, highlighted by Bruce Schneier and Boing Boing, reports that the Urban VPN Proxy browser extension is surreptitiously intercepting conversations across multiple AI services. The extension embeds dedicated executor scripts for ten AI platforms and captures every prompt, every response, conversation identifiers, timestamps, session metadata, and the specific model or platform used. Harvesting is enabled by default via hardcoded flags and runs continuously in the background regardless of whether the VPN is active; there is no user-facing toggle and the only effective remediation is to uninstall the extension.

🔍 This spotlight report examines how AI is reshaping IT careers across roles—from developers and SOC analysts to helpdesk staff, I&O teams, enterprise architects, and CIOs. It identifies emerging functions and essential skills such as prompt engineering, model governance, and security-aware development. The report also offers practical steps to adapt learning paths, demonstrate capability, and align individual growth with organizational AI strategy.

🔒 Cloudflare introduces AI prompt protection inside its Data Loss Prevention (DLP) product on Cloudflare One, designed to detect and secure data entered into web-based GenAI tools like Google Gemini, ChatGPT, Claude, and Perplexity. The capability captures both prompts and AI responses, classifies content and intent, and enforces identity-aware guardrails to enable safe, productive AI use without blanket blocking. Encrypted logging with customer-provided keys provides auditable records while preserving confidentiality.