ChatGPT’s Memory Feature Supercharges Prompt Injection

Blog

Byadmblake January 8, 2026

The “ZombieAgent” exploit makes use of ChatGPT’s long-term memory and advanced capabilities.

Blog

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%). Download…

Read More New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification
Blog

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python’s pickle deserialization,”

Read More Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Blog

Lynx Ransomware Group ‘Industrializes’ Cybercrime With Affiliates

The ransomware group provides everything an affiliate could want to breach and attack victims, including a quality controlled recruitment system to engage even more criminals.

Read More Lynx Ransomware Group ‘Industrializes’ Cybercrime With Affiliates
Blog

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks. In the attack devised by AI security company SPLX, a bad actor can set up websites that serve different content to browsers and AI crawlers run by ChatGPT…

Read More New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
Blog

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows

Read More GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Blog

Infostealers: The silent doorway to identity attacks — and why proactive defense matters

Credential theft isn’t just an inconvenience. It’s often the first move in a chain reaction that ends in full-scale compromise. Beyond the dreaded password reset process, information stealers, as shown in several recent cyberattacks, can have far more consequential follow-on effects. For many small and mid-sized organizations, a single stolen identity can lead to…

Read More Infostealers: The silent doorway to identity attacks — and why proactive defense matters

Related