Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.
Nature

CRISPR makes enhanced cancer-fighting immune cells inside mice

The powerful gene-editing technique CRISPR–Cas9 might offer a way to make safer, more effective cancer-fighting immune cells ...

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
Nature

An enzyme inside the bacterial-cell membrane chops up viral DNA on entry

When a virus infects a bacterial cell, the viral genome is the first component to be fully injected into the cell, making it an ideal immune target. A bacterial enzyme anchored to the membrane ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Direct Prompt Injection: How Attackers Manipulate LLM Input

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended boundaries.
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?