Posts tagged #prompt-injection
═══ #PROMPT-INJECTION ═══
GitHub CodeQL 2.26.0 added system prompt injection detection, pulling AI prompt security into ordinary static analysis and treating prompts like application inputs.
Stanford's Real World AI Security conference put BrowseSafe on the program, and the paper shows why prompt injection in browser agents is a web-security problem with real actions attached.
Microsoft's AutoJack research showed how a browsing AI agent could turn a malicious web page into host-level code execution through a local MCP control plane.
ChatGPhish turns ChatGPT page summaries into a phishing surface. The exploit is not glamorous. That is the problem.