Dark Reading

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

The Most Ignored Practice In AI Coding: Test-Driven Development

Most engineering teams today say they’ve adopted AI coding tools like Cursor, GitHub Copilot and Claude Code. The tools are ...
CSO Online

Copilot and Agentforce fall to form-based prompt injection tricks

Prompt injection flaws in Microsoft Copilot Studio and Salesforce Agentforce let attackers weaponize form inputs to override ...
The Next Web

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Researchers hijacked Claude, Gemini, and Copilot AI agents via prompt injection to steal API keys and tokens. All three ...