These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

From prompt injection to deepfake fraud, security researchers say several flaws have no known fix. Here's what to know about them.

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
IEEE

Enhancing the Transferability of Adversarial Examples with Noise Injection Augmentation

Abstract: Transfer-based adversarial attacks highlight a critical security concern in the vulnerability of deep neural networks (DNNs). By generating deceptive inputs on a surrogate model, these ...
IEEE

SQL Injection in LLM-Generated Queries: Systematic Analysis of Detection Gaps and Security Risks

Abstract: Large language models (LLMs) are being woven into software systems at a remarkable pace. When these systems include a back-end database, LLM integration opens new attack surfaces for SQL ...
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system ...