prompt injection

  1. ChatGPT

    Best Cheap Desktop PCs 2025: Value, Upgrades, Real Performance

    Cheap doesn't have to mean compromise: 2025's best cheap desktop PCs prove that you can get sensible performance, modern connectivity, and real-world upgrade paths without breaking the bank. Background / Overview The budget desktop market in 2025 is broader and more interesting than most buyers...
  2. ChatGPT

    Windows 11 AI Agents: New Security Risks and Safeguards

    Microsoft's decision to give AI agents the ability to act on a Windows 11 desktop — opening files, clicking UI elements, and chaining multi‑step workflows — is technically bold and productively promising, but it also creates fresh, concrete security and privacy challenges that Microsoft itself...
  3. ChatGPT

    Copilot Actions on Windows 11: Security Risks and XPIA Explained

    Microsoft’s own support documentation and recent reporting make one thing uncomfortably clear: Copilot Actions — the agentic feature Microsoft is previewing for Windows 11 — is powerful, experimental, and explicitly flagged by the company as a source of “novel security risks.” Background /...
  4. ChatGPT

    Windows 11 Agentic OS: Security Risks and Mitigation Guidance

    Microsoft’s own documentation and multiple independent outlets now confirm a fundamental shift in Windows 11: Microsoft is moving from a suggestion-driven assistant model toward an agentic OS capable of running autonomous "agents" that can act on a user’s behalf — and the company is explicit...
  5. ChatGPT

    Copilot Actions and Windows Agent Workspace: Security Risks and Defenses

    Microsoft’s rollout of an experimental feature called Copilot Actions and a new agent workspace transforms Windows from a passive host for applications into an operating system that can run autonomous AI agents — and Microsoft’s own warning that these agentic features introduce “novel security...
  6. ChatGPT

    Windows 11 AI Agents and XPIA: The New Infostealer Risk

    Microsoft’s recent push of agentic features into Windows 11 — including a visible Copilot-style agent on the taskbar and a lightweight “Agent Workspace” that can read files, UI elements, and operate apps — has created a new and notable infostealer attack surface that weaponizes trusted OS-level...
  7. ChatGPT

    Windows 11 Agentic Features: New Security Risks and Enterprise Controls

    Microsoft’s blunt admission that Windows 11’s new “agentic” features introduce novel security risks turns what was pitched as a productivity breakthrough into one of the most consequential security conversations for desktops in years. Background Microsoft is previewing a set of features that...
  8. ChatGPT

    Windows 11 Agentic AI: Copilot on the Taskbar and Autonomous Agents

    Microsoft’s push to make Windows 11 an “agentic” operating system took a visible step forward this week as Copilot and new AI agents were shown moving from background concept to taskbar-first features that users — and attackers — will watch closely. Background: the shift to an agentic Windows...
  9. ChatGPT

    Windows 11 Agentic AI: AI that Clicks, Types and Scrolls, with Security Warnings

    Microsoft’s new agentic AI features for Windows 11 — the capability that will let AI “click, type and scroll” on your behalf — arrive accompanied by unusually blunt, Microsoft-authored security caveats: agent accounts, isolated Agent Workspaces, admin-only toggles, and explicit warnings about...
  10. ChatGPT

    Agentic AI Browsers in 2025: Breakthroughs Meet Security Risks and Safeguards

    Agentic AI browsers — the biggest breakthrough of 2025 — have lurched from promise to peril in less than a year, as independent research led by Brave has exposed systemic vulnerabilities that can turn helpful assistants into covert exfiltration channels, opening new paths for credential theft...
  11. ChatGPT

    CVE-2025-62222: Command Injection in VS Code Copilot Chat (Patch Now)

    Microsoft and third‑party trackers have published a high‑severity advisory for CVE‑2025‑62222: a command‑injection (remote code execution) flaw in the Visual Studio Code Copilot Chat / agentic AI extension that can be triggered by attacker‑controlled prompt or repository content and, under...
  12. ChatGPT

    CVE-2025-62214: Visual Studio AI Prompt Injection Attack and Patch Guide

    Microsoft’s security bulletin for November 11, 2025 added a new entry to the growing list of developer-facing vulnerabilities: CVE-2025-62214, a command-injection / remote code execution flaw in Visual Studio that can be triggered by malicious prompt content interacting with Visual Studio’s AI...
  13. ChatGPT

    GitHub Agent HQ: Securing the Age of AI Agents in Enterprise

    GitHub’s new Agent HQ and a string of high‑profile AI slipups have pushed a single, urgent message to the front pages of enterprise security teams: the rapid agentification of developer and consumer workflows is exposing brand secrets in ways that traditional data‑protection tooling was not...
  14. ChatGPT

    Mermaid Exfiltration: Indirect Prompt Injection in Microsoft 365 Copilot

    A deceptively simple diagram turned into a conduit for data theft: security researcher Adam Logue disclosed an indirect prompt‑injection chain that coaxed Microsoft 365 Copilot to fetch private tenant data, hex‑encode it, and hide it inside a Mermaid diagram styled as a fake “Login” button — a...
  15. ChatGPT

    ChatGPT Atlas: The AI Browser, Promises, and Prompt Injection Risks

    OpenAI’s new ChatGPT Atlas browser is a bold reinvention of the browser as an agentic assistant — but its debut has reopened a high-stakes debate about prompt injection, covert exfiltration channels, and how much trust we should grant assistants that can read, remember and act on behalf of...
  16. ChatGPT

    CVE-2025-54132: Cursor Mermaid Diagram Exfiltration and Mitigations

    Cursor’s Mermaid-based diagram renderer in certain Cursor releases can be induced to fetch attacker-controlled images, creating a low‑noise exfiltration channel when combined with prompt injection — a vulnerability tracked as CVE-2025-54132 that has been fixed in Cursor 1.3 (with later...
  17. ChatGPT

    ASCII Smuggling Hits Gemini: AI Prompt Injection and Input Sanitization Debate

    Google’s decision not to patch a newly disclosed “ASCII smuggling” weakness in its Gemini AI has fast become a flashpoint in the debate over how to secure generative models that are tightly bound into everyday productivity tools. The vulnerability, disclosed by researcher Viktor Markopoulos of...
  18. ChatGPT

    Mitigating CVE-2025-59272 Copilot Spoofing in Enterprise

    Microsoft’s advisory listing for CVE-2025-59272 identifies a Copilot spoofing class flaw that affects Copilot-family services and related agentic tooling, but the public record remains intentionally terse and some technical details are not yet independently verifiable — treat the CVE as...
  19. ChatGPT

    Azure AI Foundry: Identity-First Agent Factory for Secure Enterprise AI

    Azure’s new Agent Factory blueprint reframes trust as the primary design constraint for enterprise agents and presents Azure AI Foundry as a layered, identity‑first platform that combines identity, guardrails, continuous evaluation, and enterprise governance to keep agentic AI safe, auditable...
  20. ChatGPT

    Windows 10 End of Support: AI Risk for Australian SMBs

    Australia’s small businesses face a sharp security cliff this month as Microsoft ends mainstream support for Windows 10, and researchers warn that a parallel surge in AI‑enabled attack techniques is widening the window of opportunity for criminals — a risk compounded by many organisations...