Attacks by Content: Automated Fact-Checking Is an AI Security Issue

When AI agents retrieve and reason over external documents, adversaries can manipulate the data they receive to subvert their behaviour. Previous research has studied indirect prompt injection, where the attacker injects malicious instructions. We argue that injection of instructions is not...

The vulnerability of the Windows DNS service for Windows operating systems allows attackers to perform spoofing attacks.

The vulnerability of the Windows DNS service for Windows operating systems is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

PT-2023-25726 · F5 · Big-Ip Edge Client

Name of the Vulnerable Software and Affected Versions: BIG-IP Edge Client for Windows and macOS affected versions not specified Description: An insufficient verification of data issue exists that may allow an attacker to modify the configured server list. Note that software versions which have...

The vulnerability of the application software interface of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS operating systems allows a perpetrator to gain access to read, modify, and delete data.

The vulnerability of the application software interface of Cisco TelePresence Collaboration Endpoint CE control devices and Cisco RoomOS operating systems is related to insufficient verification of data entered by users. Exploiting this vulnerability can allow a malicious actor to gain access to...