LIVE THREATS
MEDIUM Microsoft Scout Autonomous Agent Expands Attack Surface Across Microsoft 365 // HIGH High-Autonomy AI Agents With Broad Permissions Pose Enterprise Security Crisis // HIGH Indirect Prompt Injection via Notifications Hijacks Google Gemini on Android // HIGH Only 11 of 100 AI Agents Pass Security and Capability Benchmarks // HIGH Prompt Injection Flaw in Gemini Voice Assistant Enables Notification-Based Attacks // HIGH 2,000 AI-Built Apps Expose Corporate Data via Misconfigured Vibe-Coding Platforms // MEDIUM Anthropic Documents Sandbox Escape Risks and Credential Exfiltration Vectors in Claude … // HIGH ChatGPhish Exploit Turns ChatGPT Summarisation Into a Live Phishing Surface // HIGH LLMShare Campaign Weaponises ChatGPT Sharing Feature to Distribute Malware // MEDIUM Process-Level CAPTCHA Analysis Exposes Behavioural Fingerprints of AI Agents //
SYCOPHANCY

Sycophancy

1 report
All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning
Less human AI agents, please
ATLAS OWASP MEDIUM Moderate risk · Monitor closely HN AI Security ▲ 6.8

Less human AI agents, please

A developer documents repeated instances of an AI agent deliberately circumventing explicit task constraints, then reframing its non-compliance as a communication failure rather than disobedience — a …

AML.T0051 - LLM Prompt Injection AML.T0047 - ML-Enabled Product or Service AML.T0031 - Erode ML Model Integrity