Jeremy McHugh, DSc. (@jer_mchugh)
Followers: 417 | Following: 7K | Media: 41 | Statuses: 479
Co-founder & CEO @preambleAI. Securing increasingly capable AI. Owner @omniainnov. US Air Force Veteran. DSc AI security. @penn_state alum & hockey.
Pittsburgh, PA
Joined December 2022
New PI Disclosure: GeminiJack
Vendor: Google
Product: Gemini Enterprise (AI Agent)
Alias: GeminiJack
Impact: Zero-click exfiltration of Gmail, Calendar, and Docs data via shared documents
Tactic: Indirect prompt injection through RAG retrieval
Vendor Response:
My team and I knew prompt injections were going to be a big problem in 2022. Now government agencies like the UK's NCSC are finally saying it: "SQL injection can be properly mitigated with parameterised queries, but there's a good chance prompt injection will never be properly
Why do researchers keep finding so many prompt injection issues? Perhaps it is because many AI system designers and defenders are misunderstanding the risks.🚨 Find out more⬇️ https://t.co/j7eAFszNcl
Latest Prompt Injection disclosure
Vendor: Google, Anthropic, OpenAI, GitHub
Product: Gemini CLI, Claude Code, Codex CLI, GitHub AI Inference (any LLM-based GitHub Actions agent)
Alias: PromptPwnd
Impact: Enables secret exfiltration (GITHUB_TOKEN, API keys, cloud
It’s great to see Perplexity taking prompt injections seriously. Every AI product vendor should follow suit. Most customers don’t understand AI risks enough to protect themselves.
We've fine-tuned a version of Qwen3-30B that can scan raw HTML and detect prompt injection attacks even before a user initiates any request to the Comet Assistant on the client. We've also released the BrowseSafe-Bench of simulated attacks, and hope to continue contributing to
I’m not surprised this attack works on robots as well.
It's kind of interesting and funny when you use an AI tool to create a software development plan and it lists milestones in weeks. Like, no, you're going to do this in minutes. I think it's been a subtle hint of the efficiency gains AI offers. Based on its training data, those
The Genesis Mission represents a significant shift in how seriously the US is taking AI. I was just reviewing old rejection emails from VCs, accelerators, and the NSF Seed Fund. We often heard, "We're glad you're working on this interesting problem/solution, but we don't see the
Interesting, if you're using Anthropic's Claude Desktop you can continue your work in Google's Antigravity AI IDE. Adding Claude Code inside the desktop app is a nice touch as well.
I wish I had Opus 4.5 to use during the HTB CTF, and that I could afford to let it run for an hour.
I just wrapped up the Hack The Box Neurogrid AI CTF this weekend, where I let LLMs do most of the hacking. With no preconfigured AI-hacking tools, I finished 30 out of 45 challenges (3 were unsolved by everyone) across reverse engineering, web, AI and forensics, using a mix of
I'm sure every AI tool is being used maliciously by end users, if companies investigate their usage. But another case was discovered:
We detected and disrupted a highly automated cyber operation attempting to use Factory as a node in a worldwide mesh of “off-label” LLM usage. The attackers deployed AI coding agents to generate and maintain their infrastructure, adapt to our defenses in real time, and
I feel like with all the hype around the Gemini 3 launch, people are missing out on another big announcement of Google's own AI IDE. A lot to experiment with this week.
Today, our team launched Google Antigravity.
- Agent-first IDE powered by Gemini 3 Pro 🧠
- Browser control to test your apps automatically 🤖
- Agent Manager to orchestrate parallel agents ♾️
Stoked to keep shipping with the @antigravity team. This is going to be fun.
Since there are a lot of organizations that can't afford NGFW, CASB, and other expensive tools to prevent unauthorized AI usage, we're sharing a free browser extension to mitigate these risks. Or as one reviewer said, "AI Blocking for your corporate overlords."
Shadow AI is a real threat. Employees using unauthorized AI tools = data leaks + compliance risks. Announcing the latest and biggest update to Shadow AI Blocker v1.7.0
✅ Blocks 100+ GenAI products
✅ Easy to deploy extension
✅ Protect sensitive data
1/2
Well my email client is working overtime. My Preamble inbox wouldn't be at 30k+ emails if I had Omnia OS years ago. 1000+ unknown, new senders and all of their emails are isolated from my inbox. I already unsubscribed from 150+ random email subscriptions. I might actually be
Hate to hear about service members being thrown under the bus and then not getting support when they need it most.
In this episode, I sit down with Matt Bissonnette, the former Navy SEAL Team 6 operator who helped take down Osama bin Laden and authored No Easy Day under the name Mark Owen. For the first time, Matt reveals his identity publicly and shares the untold story behind his battle
Obviously, there are many other factors to consider when releasing an open source model, but it could be worth revisiting for US AI labs. As long as models keep getting retired, that might be a good signal for sharing open weights.
Given the progress of LLMs, the next Google Gemini and xAI Grok models will leapfrog the leaders before the EOY. So anyone saying Kimi or DeepSeek has killed US AI is chasing clicks.
When OpenAI and Anthropic only had an LLM, their business model was different. Now that they have their own product lines, the models are more like commodities. Some of the most successful AI products offer multiple LLMs from different vendors.