EchoLeak is a vulnerability tracked across 7 threat clusters and 9 intelligence report mentions on ThreatCluster. First observed December 10, 2025; most recent activity June 28, 2026.
OrcaRouter Security Research released its AI Threat Report 2026, identifying prompt injection as the leading risk to large language model (LLM) applications, with a 340% increase in such attacks year-over-year. The…
Microsoft and Salesforce have patched serious prompt injection vulnerabilities in their AI platforms, Copilot Studio and Agentforce, respectively. Capsule Security identified these flaws, allowing attackers to…
A newly disclosed vulnerability in Microsoft 365 Copilot Enterprise, named SearchLeak (CVE-2026-42824), allows attackers to exfiltrate sensitive data with a single click on a crafted link. Discovered by Varonis Threat…
Recent research highlights significant vulnerabilities in agentic AI systems, which can misclassify adversarial inputs as trusted instructions across six architectural layers. These vulnerabilities stem from trust…
VectorCertain LLC has validated its SecureAgent platform, achieving 100% detection and prevention of autonomous multi-step AI exploitation attempts and unsanctioned AI agent scope expansion. The validation involved…
In 2025, over 90 organizations fell victim to prompt injection attacks, exploiting vulnerabilities in large language models (LLMs). CrowdStrike's 2026 Global Threat Report indicates that AI-enabled cyberattacks surged…
Google has addressed a zero-click vulnerability in Gemini Enterprise and Vertex AI, identified as 'GeminiJack.' Discovered by Noma Labs in June 2025, this exploit could have allowed attackers to steal sensitive…