Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
来自MSN

Pen testers accused of 'blackmail' after reporting Eurostar chatbot flaws

Researchers at Pen Test Partners found four flaws in Eurostar's public AI chatbot that, among other security issues, could allow an attacker to inject malicious HTML content or trick the bot into ...
eWeek

JavaScript Injection Attacks Hit .Gov Targets

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Malware researchers have flagged a massive outbreak of ...