Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
InfoWorld

AI finds 20-year-old bugs in PostgreSQL and MariaDB

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...
IEEE

A Survey of SQL Injection Attacks, Their Methods, and Prevention Techniques

Abstract: The vast majority of web applications' databases are vulnerable to SQL Query Injection Attacks, which let clients directly insert sensitive data. They carry out their operations by inserting ...
IEEE

Feature Fusion-Based Detection of SQL Injection and XSS Attacks

Abstract: With the rapid development of the internet, network security issues are becoming increasingly severe. SQL injection attacks and XSS attacks are two common network attack methods that pose ...
GitHub

Buzur — AI Prompt Injection Defense Scanner (Python)

Buzur is an open-source 19-phase scanner that protects AI agents and LLM applications from indirect prompt injection attacks (OWASP LLM Top 10 #1). It inspects web content, URLs, images ...