Search Results: AIsecurity

Cryptographers have demonstrated that external protections for AI models like ChatGPT are inherently vulnerable to bypass attacks. Using cryptographic tools such as time-lock puzzles and substitution ciphers, researchers prove that any safety filter operating with fewer computational resources than the core model can be exploited, exposing an unavoidable gap in AI security.

As enterprises increasingly deploy AI for document generation and administrative tasks, security teams face an alarming dilemma: commercially sensitive client information embedded in codebases and platforms becomes nearly impossible to redact before processing. This exposes critical vulnerabilities in workflows leveraging tools like Atlassian MCP, forcing a reckoning with AI's hidden data governance risks.

Google researchers reveal a new vulnerability class called 'Task Injection' that compromises autonomous AI agents by manipulating their natural language instructions. Attackers can hijack agent workflows through poisoned inputs like calendar events or emails, forcing unintended actions. This represents a fundamental security challenge as agentic AI systems become increasingly integrated into business operations.

Researchers are sounding the alarm about prompt injection and jailbreaking attacks targeting AI systems. These vulnerabilities allow malicious actors to override safety protocols and manipulate outputs, posing fundamental security challenges as language models proliferate.

As phishing scams evolve with AI-generated lures, Ward emerges as a privacy-focused Chrome extension using real-time AI analysis to shield users. We examine its open-source architecture and implications for decentralized security.

Security researchers reveal 'CometJacking'—a novel attack exploiting Perplexity's AI-powered Comet browser to steal sensitive user data like emails and calendar entries through malicious URL parameters. Despite proof-of-concept validation showing encoded data exfiltration bypassing safeguards, Perplexity dismissed the vulnerability as 'not applicable,' raising concerns about autonomous agent security.