Search Engine Land

Hidden prompt injection: The black hat trick AI outgrew

For a brief moment, hiding prompt injections in HTML, CSS, or metadata felt like a throwback to the clever tricks of early black hat SEO. Invisible keywords, stealth links, and JavaScript cloaking ...
CSOonline

Facebook porn attack caused by self-inflicted JavaScript injection, researcher says

I came across an interesting analysis of the recent, pornographic Facebook spam attack written by Mike Geide, senior security researcher at Zscaler ThreatLabZ. In a blog post, he writes that the ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...