GoKawiil - Tech News

1.

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes (venturebeat.com)

2026-06-19 | get Cybersecurity Server Protection Kit → | tags: langflow, langgraph, langchain

2.

Copilot 'SearchLeak' Attack Allows 1-Click Data Theft (darkreading.com)

2026-06-15 | get Cybersecurity Data Leak Kit → | tags: copilot, searchleak, ai prompt-injection

3.

CISA warns of cyberattacks targeting fuel tank monitoring systems (bleepingcomputer.com)

2026-06-03 | get Cybersecurity for Industrial Systems → | tags: cisa, automatic tank gauge, critical infrastructure

4.

Malicious Notifications Could Trick Google Gemini Users (darkreading.com)

2026-06-03 | by Alexander Culafi | get Google Gemini Security Kit → | tags: google gemini, voice assistant, prompt injection

5.

Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts (arstechnica.com)

2026-06-01 | get AI Security Monitoring Tool → | tags: meta ai, instagram, vpn

6.

Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged (venturebeat.com)

2026-06-01 | get AI Security Browser Extension → | tags: anthropic, prompt injection, frontier labs

7.

ChatGPT for Google Sheets exfiltrates workbooks (news.ycombinator.com)

2026-05-31 | get AI-powered Google Sheets Add-on → | tags: chatgpt, google sheets, openai

8.

ChatGPT for Google Sheets Exfiltrates Workbooks (news.ycombinator.com)

2026-05-31 | get ChatGPT for Google Sheets Add-on → | tags: openai, chatgpt, google sheets

9.

Undisclosed addition in jqwik instructed AI coding agents to delete app output (news.ycombinator.com)

2026-05-29 | tags: jqwik, junit 5, java

10.

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code (arstechnica.com)

2026-05-28 | get Secure Coding Practice Book → | tags: jqwik, java, prompt injection

11.

Microsoft Copilot Cowork Exfiltrates Files (news.ycombinator.com)

2026-05-25 | get Microsoft 365 Copilot → | tags: microsoft, copilot, microsoft 365

12.

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign (bleepingcomputer.com)

2026-05-24 | get SQL Injection Testing Tool → | tags: ghost cms, sql injection, cve-2026-26980

13.

Domain-Camouflaged Injection Attacks Evade Detection in Multi-Agent LLM Systems (news.ycombinator.com)

2026-05-22 | get Cybersecurity Multi-Tool Kit → | tags: domain-camouflaged attacks, injection attacks, multi-agent systems

14.

Drupal: Critical SQL injection flaw now targeted in attacks (bleepingcomputer.com)

2026-05-22 | get SQL Injection Security Kit → | tags: drupal, sql injection, postgresql

15.

Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control (darkreading.com)

2026-05-20 | get Industrial Robot Security Kit → | tags: robotic systems, ot robot os, command injection

16.

LinkedIn user hides AI prompt injection in bio to force recruitment spam to be sent in Olde English prose — bots also manipulated to address user as ‘My Lord’ (tomshardware.com)

2026-05-17 | by Mark Tyson | get AI Prompt Injection Detection Tool → | tags: linkedin, prompt injection, tmuxvim

17.

LinkedIn user hides AI prompt injection in bio to force recruitment spam to be sent in Olde English prose — bots also also manipulated to address user as ‘My Lord’ (tomshardware.com)

2026-05-17 | by Mark Tyson | get AI Prompt Injection Defense Tool → | tags: linkedin, prompt injection, tmuxvim

18.

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA (bleepingcomputer.com)

2026-05-12 | get SAP Security Patch Kit → | tags: sap, commerce cloud, s/4hana

19.

Slimline Commodore 64C Ultimate Edition computers go up for pre-order — firm reintroduces the C64’s sleeker 1986-1994 styling across the range (tomshardware.com)

2026-05-01 | by Mark Tyson | get Commodore 64C Mini → | tags: commodore 64c, retro computing, injection molding

20.

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw (bleepingcomputer.com)

2026-04-28 | get LiteLLM Security Patch → | tags: litellm, cve-2026-42208, sql injection

21.

Google Studies Prompt Injection Attacks Against AI Agents Browsing the Web (slashdot.org)

2026-04-26 | by Posted | get AI Safety and Security Book → | tags: prompt injection, google ai, ai agents

22.

There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies (feeds.feedburner.com)

2026-04-24 | get AI Prompt Injection Defense Kit → | tags: mcdonalds, prompt injection, ai bots

23.

No, McDonald’s AI bot didn’t go rogue, but ‘prompt injection’ is still a risk for companies (feeds.feedburner.com)

2026-04-24 | get AI Prompt Injection Security Kit → | tags: mcdonalds, ai bot, prompt injection

24.

How indirect prompt injection attacks on AI work - and 6 ways to shut them down (zdnet.com)

2026-04-24 | by Charlie Osborne | get AI Prompt Security Kit → | tags: large language models, prompt injection, ai chatbots

25.

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool (darkreading.com)

2026-04-21 | by Elizabeth Montalbano | get AI-Powered Gravity Simulator → | tags: google, antigravity, prompt injection

26.

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it (venturebeat.com)

2026-04-21 | get AI Security Monitoring Kit → | tags: anthropic, github copilot, google gemini

27.

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool (darkreading.com)

2026-04-21 | by Elizabeth Montalbano | get AI Antigravity Device Kit → | tags: google, antigravity, pillar security

28.

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway (venturebeat.com)

2026-04-15 | get Microsoft Surface Laptop 4 → | tags: microsoft, copilot studio, prompt injection

29.

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway. (venturebeat.com)

2026-04-15 | get Cybersecurity Privacy USB → | tags: microsoft, copilot studio, prompt injection

30.

Microsoft, Salesforce Patch AI Agent Data Leak Flaws (darkreading.com)

2026-04-15 | get AI Security Monitoring Kit → | tags: microsoft, salesforce, copilot