Reading up on ai-security
3 deep · digging since dec 02, 25
- Notion AI: Unpatched data exfiltration
Notion AI allowed data exfiltration via indirect prompt injection in March 2025, where edits were saved before user approval, enabling attackers to steal sensitive document contents.
- BrowseSafe: Understanding and Preventing Prompt Injection Within AI Browser Agents
Perplexity AI introduces BrowseSafe, a defense architecture, benchmark, and detection model for securing browser agents from prompt injection attacks.
- AI agents find $4.6M in blockchain smart contract exploits
AI agents autonomously exploited smart contracts in simulation, generating $4.6 million in simulated stolen funds, demonstrating a concrete lower bound on economic harm from AI-driven cyberattacks.