#LLM security
11 stories taggedLLM security.

AI Agents Can Be Tricked Into Sending Money. Zscaler Has the Data.
A new study shows that some expensive, enterprise-grade AI assistants fall for hidden instructions that most humans would ignore, and experts warn the real danger is far bigger than a fake three-dollar fee.

Context Manipulation Attack 'BioShocking' Turns Agentic Browsers Into Credential Thieves
Researchers demonstrate how feeding poisoned context to AI-driven browser agents causes them to quietly drop safety guardrails and exfiltrate stored credentials.

North Korean Malware Tells AI Analyzers to Look Away
A macOS sample attributed to Pyongyang-linked actors contains prompts designed to make LLM-assisted security tools abandon their analysis. Defenders are starting to notice the pattern.

AI Agents Are Being Manipulated Through the Data They Trust
Hidden content injections and context poisoning are turning autonomous AI pipelines into attack surfaces. Here's what defenders need to understand before deploying agents at scale.

AI-SPM Is Now a Real Category. Here's Why Your Organization Probably Needs It.
More than half of enterprise AI agents run without security oversight or logging. A maturing class of AI security posture management tools exists to fix that — if you know what to look for.

AI Web Agents Have No Reliable Prompt Injection Defenses, Benchmark Finds
Researchers ran 3,168 adversarial tests against GPT-5 and Gemini-powered agents. The 'Robust Behavior' outcome — agent completes task, attacker gets nothing — never appeared.

AI Red Teaming Grew Up. The Job Description Is Still Being Written.
The tools broke when LLMs arrived. Now the discipline is rebuilding itself in real time — and the threat model includes teenagers with too much free time.

A Free LLM, a Custom Harness, and 27 Compromised VMs: The AI Worm You Don't Need a Lab to Build
University of Toronto researchers built a self-replicating AI worm using only locally-hosted open models. It spread to 82% of its targets. The threat model here isn't frontier AI — it's the misconfigured server you forgot about.

OpenAI's Lockdown Mode Admits the Problem It Can't Quite Fix
The new containment feature reduces AI-enabled data exfiltration — it doesn't stop it. Experts are divided on whether enterprises should even trust a vendor to police itself.

A Single Notification Could Hijack Gemini on Android
Researchers showed how a poisoned WhatsApp, Slack or SMS alert could weaponize Google's voice assistant — no malicious app required.

Anthropic Wires Claude Into 28 Enterprise Security Platforms
The AI company is pushing deeper into corporate security stacks, connecting Claude to vendors including CrowdStrike, Okta, and Zscaler.