Security Boulevard

Silent Push Exposes Magecart Network Operating Since Early 2022

Silent Push reveals a sophisticated Magecart network using web skimmers to steal credit card data from online shoppers, highlighting the need for enhanced cybersecurity measures.
Opinion

IBM's AI agent Bob easily duped to run malware, researchers show

That's apparently the case with Bob. IBM's documentation, the PromptArmor Threat Intelligence Team explained in a writeup provided to The Register, includes a warning that setting high-risk commands ...
CyberGuy

Fake error popups are spreading malware fast

Fake error popups now trick people into running malware themselves. A new tool makes these attacks faster and harder to ...

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do ...

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

CrowdStrike's 2025 data shows attackers breach AI systems in 51 seconds. Field CISOs reveal how inference security platforms ...

Reprompt attack let hackers hijack Microsoft Copilot sessions

Researchers identified an attack method dubbed "Reprompt" that could allow attackers to infiltrate a user's Microsoft Copilot ...
Dark Reading

ChatGPT's Memory Feature Supercharges Prompt Injection

That's according to researchers from Radware, who have created a new exploit chain it calls "ZombieAgent," which demonstrates ...

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...
CSO Online

ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents

Security researchers from Radware have demonstrated techniques to exploit ChatGPT connections to third-party apps to turn ...