Cybersecurity articles
═══ CYBERSECURITY ═══
GitHub CodeQL 2.26.0 added system prompt injection detection, pulling AI prompt security into ordinary static analysis and treating prompts like application inputs.
Stanford's Real World AI Security conference put BrowseSafe on the program, and the paper shows why prompt injection in browser agents is a web-security problem with real actions attached.
OpenAI's Daybreak expansion and Patch the Planet initiative show the AI security race moving from vulnerability discovery into patch production, maintainer burden, and controlled access.
Microsoft's AutoJack research showed how a browsing AI agent could turn a malicious web page into host-level code execution through a local MCP control plane.
The Atomic Arch campaign turned trusted-looking AUR packages into a route for rootkit-like credential theft. The old advice to read the build script is starting to look painfully small.
Microsoft-owned GitHub repositories were disabled after Miasma malware hit Azure and AI coding tool workflows. The repo is no longer passive infrastructure. It is part of the runtime.
Hackers reportedly tricked Meta's AI support assistant into changing Instagram account emails and handing over reset flows. The failure lived in the permissions.
ChatGPhish turns ChatGPT page summaries into a phishing surface. The exploit is not glamorous. That is the problem.
Sysdig captured an LLM-driven intrusion that moved from a vulnerable notebook server to an internal PostgreSQL dump in under an hour. The attacker did not need a better exploit. They needed a tireless operator.