More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...
SecurityWeek

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks

AI agent social network Moltbook vulnerability exposing sensitive data and malicious activity conducted by the bots.
IEEE

SQL Injection Attacks Targeting E-Commerce Web Applications: Causes, Consequences, and Prevention Strategies

Abstract: SQL Injections are a type of web application attack, although common, this type of attack was identified to be one of the biggest threats in the digital world and still has continuous growth ...
IEEE

A Hybrid Deep Learning Model for SQL Injection Attack Detection

Abstract: An increasing number of web application services raises significant security concerns. Online access to these applications exposes them to multiple cyberattacks. The Open Web Application ...
Ars Technica

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do something bad. The platform introduces a guardrail that stops the attack from ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
Forbes

‘It May Be Worse’—No Fix For New Google Chrome Attacks

Welcome to the future — but be careful. “Billions of people trust Chrome to keep them safe,” Google says, adding that "the primary new threat facing all agentic browsers is indirect prompt injection.” ...
Forbes

Beware Of Spiderman-As-A-Service Web Of Attacks

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. A new cybercrime kit dubbed Spiderman since it weaves “an ...
Infosecurity-magazine.com

UK NCSC Raises Alarms Over Prompt Injection Attacks

Prompt injection vulnerabilities may never be fully mitigated as a category and network defenders should instead focus on ways to reduce their impact, government security experts have warned. Then ...
SlashGear

AI Browsers Face A New Kind Of Attack, And It Puts Your Privacy At Risk

Companies like OpenAI, Perplexity, and The Browser Company are in a race to build AI browsers that can do more than just display webpages. It feels similar to the first browser wars that gave us ...
The Hacker News

5 Threats That Reshaped Web Security This Year [2025]

As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection ...
ZDNet

Use an AI browser? 5 ways to protect yourself from prompt injections - before it's too late

Agentic AI browsers have opened the door to prompt injection attacks. Prompt injection can steal data or push you to malicious websites. Developers are working on fixes, but you can take steps to stay ...