Netcrook
#Prompt Injection
When Search Starts Issuing Tasks: Naver’s AI Tab Pushes the Browser Into Action
Naver’s new AI Tab turns a familiar search box into a workflow layer, blending answers, maps, and reservation cues in a way that widens both convenience and the security surface.
Small Models, Bigger Stakes: Why Local AI Is Moving Into the Security Spotlight
Compact language models are gaining traction where data control matters, but on-premise deployment shifts the burden from cloud trust to security engineering discipline.
Frontier AI Meets National Security: Why One Model Launch Is Being Put Behind a Gate
A reported staggered release for GPT-5.6 shows how advanced model launches are increasingly shaped by access control, safety review, and government pressure before they reach the public.
When Malware Starts Feeding the Analyst’s Model: Gaslight and the New AI Blind Spot
A macOS sample tied to Rust code and 38 fake messages shows how prompt injection can target the analysis workflow itself, not just the machine it runs on.
Enterprise AI’s Real Bottleneck Is Not the Model, but the Control Layer
At a Dataiku and CIO Korea breakfast session, speakers framed AI success as a management problem shaped by people, orchestration, and governance, with flexibility across models and infrastructure becoming part of the security story.
Salesforce Turns Support Bots Into Metered Agents, and Security Teams Should Pay Attention
Agentforce Help Agent is more than a chatbot launch: it ties autonomous customer service to outcome-based pricing, which raises the stakes around permissions, escalation, and abuse resistance.
OpenAI’s Daybreak Pushes AI Closer to Patch Work - and Closer to New Risk
The project is being expanded to explore whether large language models can help correct vulnerabilities at scale, a shift that could reshape remediation without removing the need for strict human control.
Google Brings Computer Control Into Gemini 3.5 Flash, and the Prompt Injection Problem Gets Realer
A built-in computer-use feature pushes Gemini into browser, mobile, and desktop workflows, but the security question is now how well an agent can be kept from acting on hostile instructions.
Runlayer’s $30 Million Signal: AI Security Is Moving Up the Stack
A fresh Series A round points to a harder truth for enterprise AI: the risk is shifting from the model itself to the control layer that decides what tools, data, and actions an agent can touch.
GLM-5.2 and the Quiet Power Shift Behind Open-Weight AI
China’s GLM-5.2 release spotlights open-weight AI, deployment control, and the enterprise governance questions that follow.
Gaslight Shows Malware Can Try to Trick the Analyst’s AI
A newly identified macOS implant is notable not just for stealing data, but for embedding text meant to derail AI-assisted triage.
When an AI Agent Acts Alone, Who Owns the Fallout?
As agentic AI systems can plan and act, the security and legal challenge shifts from outputs to the chain of control and evidence.
Gemini 3.5 Flash Moves Closer to the Browser, and Security Teams Should Pay Attention
Google has expanded Gemini 3.5 Flash with agentic computer-use support for enterprise automation, a shift that turns UI control into a security problem as much as a productivity feature.
Automation’s Blind Spot: How a Workflow Trust Leak Can Turn Text Into Privilege
A CI/CD composition problem and an AI agent prompt injection case point to the same design flaw: untrusted input entering a privileged automation path.
When AI Stops Talking and Starts Acting, Security Gets a New Target
Enterprises are increasingly experimenting with agentic AI inside real workflows, and the security question is shifting from prompt quality to authority, logging, and control.
Gaslight Malware Shows How AI Can Be Targeted Before the Human Even Reads the Sample
A macOS backdoor described as written in Rust is notable less for brute-force evasion than for trying to confuse AI-assisted malware triage with hostile text embedded inside the sample itself.
When LLM Risk Turns Into Responsibility Drift
The hard problem is no longer proving that large language models can fail. It is proving who knew what, who tested what, and who can stand behind the system after a failure.
macOS Malware Finds a Quiet Door in LaunchAgents and a Loud One in AI Triage
A Rust-based implant tied to a DPRK-linked macOS cluster pairs ordinary startup persistence with a Python stealer stage and prompt-injection text aimed at analysts.
Beyond the Archive: Why Relational Knowledge Changes the AI Conversation
MetaDominio is presented as an open cognitive structure, but the deeper cyber lesson is architectural: once knowledge becomes relational and generative, the questions shift from storage to governance, traceability, and trust.
The Blind Spot in Agentic AI: When a Trusted Skill Can Change After Review
A security demonstration around AI agents shows how a public skill, once approved, may still become dangerous if its external content changes after vetting.