Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...
Tech Times

GitHub Copilot CLI Adds Pre-Commit Security Scanner: LLM Inference at the Detection Layer

GitHub Copilot security scanning arrives in the terminal with /security-review, an experimental pre-commit slash command that uses LLM inference to flag injection flaws, XSS, path traversal, and weak ...
Biometric Update

New spying threats force rethink of biometric identity checks

The effort to make identity more trustworthy may therefore expand the surveillance capabilities built into ordinary ...

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
TMCnet

Snyk Adds Agentic Development Security to its AI Security Platform: The Enforcement Layer for the AI Agents Now Building Enterprise Software

Snyk, the AI security company, today announced Evo Agentic Development Security (ADS), extending security coverage to the AI workforce powering modern software development. Evo ADS secures how ...
The Hacker News

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

AryStinger malware has infected 4,300 Realtek RTL819X routers, using old CVEs to scan targets, tunnel traffic, and hide ...

97% Of LLMS.txt Files Got No Requests, Ahrefs Data Shows

Ahrefs analyzed 137K domains and found 97% of llms.txt files received zero requests. AI retrieval bots accounted for 1% of ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...

Mitiga Labs Launches Skillgate to Detect Risks in AI Agent Skills and Configurations

The free scanner detects, flags, and scores attack techniques hidden in AI agent skills, hooks, and configuration files before an agent acts on themNEW YORK--(BUSINESS WIRE)--Mitiga, the leader in ...

OrcaRouter Releases AI Threat Report 2026 and Makes Its Security Controls Free Amid Rise in Prompt-Injection Attacks

OrcaRouter, the OpenAI-compatible LLM gateway, today published The AI Threat Report 2026 and made two of its security controls available at no cost to all users: the agent Firewall and input/output ...

The 11 standout startups from YC’s Demo Day, according to VCs

TechCrunch spoke to investors to find the hottest startups in the Spring 2026 YC batch. Some of them commanded valuations of over $175 million, VCs said.