Cybersecurity Blog

AI Security Daily Briefing — December 9, 2025

In the last 24 hours, Google introduced layered defenses in Chrome to contain indirect prompt injection against its agentic AI features, the UK’s NCSC warned that LLMs will always be vulnerable to prompt injection, and new research revealed malicious VS Code extensions and AI-branded packages stealing developer data and credentials from high-value engineering environments.

AI Security Daily Briefing — December 8, 2025

Over the last 72 hours, AI security stories have centered on shadow AI forcing a rethink of governance, “IDEsaster” flaws in AI coding tools enabling data theft and RCE, FBI warnings about AI-generated virtual kidnapping scams, NATO’s use of an AI chatbot in large-scale cyber war games, and new evidence that AI image services and AI bots are reshaping data-leak and scraping risk.

AI Security Daily Briefing — December 4, 2025

AI security for December 4, 2025 centers on a massive $130M round for AI-agent SOC startup 7AI, fresh evidence of Chinese-backed hackers using AI to automate campaigns, a study showing major AI companies falling short of global safety standards, new analysis of AI-driven software supply chain attacks, and a malicious npm package that embeds prompts to trick AI-based security tools.

AI Security Daily Briefing — December 3, 2025

AI security for December 3, 2025 centers on new NSA/CISA guidance for safely integrating AI into OT, SandboxAQ’s launch of an AI security posture platform for shadow AI, research showing poetic prompts can jailbreak major models, Experian’s forecast naming AI as the top breach driver for 2026, and TÜV SÜD’s move to formalize AI penetration testing using NIST, OWASP, and MITRE ATLAS.