Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.
Tag: indirect
AI, Global Security News
Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents
Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents
AI, Global Security News
GrafanaGhost Vulnerability Allows Data Theft via AI Injection
GrafanaGhost is a critical vulnerability in Grafana’s AI components that uses indirect prompt injection and protocol-relative URL bypasses to exfiltrate data.
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Zero‑click Grafana AI attack can enable enterprise data exfiltration
Indirect prompt injection is possible on AI-powered dashboards, allowing exfiltration of sensitive enterprise data without user authentication. Security researchers are warning about a critical Grafana issue, dubbed GrafanaGhost, that allows attackers to leak sensitive data from Grafana environments, including financial metrics, infrastructure health data, private customer data, and operational logs, among others. Noma Security disclosed…
Data Breaches, Global Security News, Security
Volvo Group North America customer data exposed in Conduent hack
Volvo Group North America disclosed that it suffered an indirect data breach stemming from the compromise of IT systems at American business services giant Conduent, of which Volvo is a customer. […]