TechRadar

Prompt injection attacks might 'never be properly mitigated' UK NCSC warns

UK’s NCSC warns prompt injection attacks may never be fully mitigated due to LLM design Unlike SQL injection, LLMs lack separation between instructions and data, making them inherently vulnerable ...
Communications of the ACM

Guardians of the Agents

A more advanced solution involves adding guardrails by actively monitoring logs in real time and aborting an agent’s ongoing ...
WinBuzzer

OpenAI Deploys Automated ‘Attacker’ to Harden Atlas Browser, Admits Prompt Injection Is ‘Unsolved’

OpenAI has deployed a new automated security testing system for ChatGPT Atlas, but has also conceded that prompt injection ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

OpenAI admits prompt injection is here to stay as enterprises lag on defenses

OpenAI confirms prompt injection can't be fully solved. VentureBeat survey finds only 34.7% of enterprises have deployed ...

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

OpenAI says prompt injections will always be a risk for AI browsers with agentic capabilities, like Atlas. But the firm is ...

Your AI browser can be hijacked by prompt injection, OpenAI just patched Atlas

OpenAI says it has patched ChatGPT Atlas after internal red teaming found new prompt injection attacks that can hijack AI ...

OpenAI Admits Prompt Injection Is a Lasting Threat for AI Browsers

Security researchers have warned the users about the increasing risk of prompt injection attacks in the AI browsers.

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.