Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Hier — 11 juillet 2026BleepingComputer

'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets

Par : Ax Sharma
11 juillet 2026 à 11:03
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo's .env and write every secret into the code as a list of numbers. [...]

Progress urges ShareFile admins to shut down servers over “credible” threat

10 juillet 2026 à 18:26
Progress Software is emailing ShareFile customers who use Storage Zone Controllers to immediately shut down their servers after identifying what it describes as a "credible external security threat" targeting the on-premises secure file-sharing software. [...]
À partir d’avant-hierBleepingComputer

The Replicant in Your Directory: AI Agents and the Identity Security Gap

10 juillet 2026 à 16:00
AI agents are accelerating the growth of non-human identities, making it harder for organizations to understand what exists, who owns it, and what it can access. Netwrix explains why stronger visibility and identity governance are essential as AI expands the enterprise attack surface. [...]
❌
❌