How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.

Google is making it dramatically easier to sign in to apps without OTP or link hassles

Google now lets Android apps verify your email in one tap, no OTP codes and no inbox hunting. Here's how the new Credential Manager API works.

The shadowy SIM farms behind those incessant scam texts - and how to stay safe

These fraud factories operate quietly to support large-scale scamming and phishing. Here's how they work and what to do if ...

X makes it more expensive to post links through its API

Social network X has made it more expensive to post links through its API. The change is designed to thwart spam and “vectors of misuse,” the company said. The new pricing increased costs from $0.01 ...

New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
theregister

Security boffins scoured the web and found hundreds of valid API keys

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages. The researchers detail their findings in a preprint ...
InfoQ

Experimental Web Install API Seeks to Improve Application Discovery and Distribution

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...