The Hacker News

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

ForcedLeak flaw in Salesforce Agentforce allows data exfiltration via indirect prompt injection; Salesforce issues patch.

Hidden prompt injection: The black hat trick AI outgrew

Invisible prompts once tricked AI like old SEO hacks. Here’s how LLMs filter hidden commands and protect against manipulation ...
The Hacker News

iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

Stripe iframe skimmer hit 49 merchants in Aug 2024, bypassing CSP to steal cards, driving PCI DSS 4.0.1 updates.
PCMag on MSN

Meta Explains Multiple Live AI Demo Fails at Connect: ‘We DDoS’d Ourselves’

This time, Zuckerberg performed the demo himself, showcasing the new neural band technology, which he calls a "huge ...

Hackers can now inject AI deepfakes directly into iOS video calls using this tool - here's how to stay safe

Hackers exploit specialized tool to inject AI deepfakes into iOS calls, bypassing cameras and challenging current identity ...