Researchers demonstrate prompt injection attacks via WhatsApp and Slack notifications

The attack relies on hidden prompts in a foreign language.
The Next Web

A single GitHub issue could have hijacked Anthropic’s own Claude Code action and poisoned every project that uses it

A flaw in Anthropic’s Claude Code GitHub Action let attackers bypass permission checks via a fake bot account and use prompt injection to steal OIDC tokens, gaining write access to any vulnerable ...
eWeek

WhatsApp Messages on Android Expose New Gemini AI Security Risk

SafeBreach researchers showed how hidden commands in Android notifications could trick Google Gemini through indirect prompt ...