Automation tool n8n: Updates patch code injection flaws

In the automation tool n8n, eleven security vulnerabilities have been discovered. Three of these are considered critical ...
CSO Online

VMware fixes command injection flaw in Aria Operations

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure as well.

Microsoft Thwarts AI Prompt Injection Attacks Aimed To Manipulate AI Engines

Microsoft has implemented and continues to deploy mitigations against prompt injection attacks in Copilot, the company announced last week. Spammers were using the "Summarize with AI" type of buttons ...

When AI Systems Can Act, Prompt Injection Becomes A Security Risk

The moment an AI system can read internal systems, trigger workflows, move money, send emails, update records or approve actions, the risk profile changes.
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.