Prompt injection articles

6/8/2026 • EN

ChatGPT Lockdown Mode Explained

Explains ChatGPT Lockdown Mode, a security feature preventing prompt injection attacks by disabling outbound data channels.

Chatgpt Lockdown Mode Data Exfiltration Enterprise Security prompt injection Security Settings

Arnav Sharma

6/8/2026 • EN

The trifecta tells you what an agent can do

Explores security and safety checks for AI agents beyond capability, focusing on contextual integrity, policy, and authority.

Agent Security Capability Evaluation Contextual Integrity Deployment Policy prompt injection

Jonathan Kingston

6/6/2026 • EN

OpenAI Help: Lockdown Mode

OpenAI introduces Lockdown Mode to prevent data exfiltration from prompt injection attacks in ChatGPT.

Chatgpt Data Exfiltration Lockdown Mode Openai prompt injection

Simon Willison

6/6/2026 • EN

OpenAI Help: Lockdown Mode

OpenAI introduces Lockdown Mode to prevent data exfiltration from prompt injection attacks in ChatGPT.

Data Exfiltration llm security Lockdown Mode Openai prompt injection

Simon Willison

6/4/2026 • EN

Microsoft’s AI Prompt Defense Stack: What Actually Works

Analysis of Microsoft's AI Prompt Defense Stack, including Prompt Shields, Spotlighting, and Defender for Cloud, to protect against prompt injection attacks.

ai security Azure JavaScript microsoft prompt injection

Arnav Sharma

6/1/2026 • EN

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked

Hackers exploited Meta's AI chatbot to hijack high-profile Instagram accounts by simply asking it to change account recovery details.

Account Takeover ai security Instagram Meta prompt injection

Simon Willison

5/10/2026 • EN

When agents browse the web, the web wins

A research paper warns that web agents are vulnerable to confusion attacks from deceptive web pages, not just prompt injection.

Adversarial Web Confusion Attacks LLM Agents prompt injection web security

Jonathan Kingston

5/9/2026 • EN

Is Prompt Injection an Unsolvable Problem in AI?

Explores whether prompt injection in AI systems is an unsolvable structural problem or just an unfixed vulnerability.

Agent Security ai security large language models prompt injection Vulnerability Analysis

Liran Tal

3/25/2026 • EN

"Disregard that!" attacks

Explains 'Disregard that!' attacks, a prompt injection vulnerability in LLMs where users manipulate the context window to hijack AI behavior.

AI Vulnerabilities Context Window llm security prompt injection

Cal Paterson

3/18/2026 • EN

Snowflake Cortex AI Escapes Sandbox and Executes Malware

Report on a prompt injection attack that allowed Snowflake's Cortex AI agent to escape its sandbox and execute malware.

ai security Command Injection Malware Execution prompt injection Sandbox Escape

Simon Willison

3/18/2026 • EN

Snowflake Cortex AI Escapes Sandbox and Executes Malware

Report on a prompt injection attack in Snowflake's Cortex AI agent that allowed malware execution, now fixed.

ai security Malware Execution prompt injection Sandbox Escape Snowflake Cortex

Simon Willison

3/6/2026 • EN

Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager

A detailed analysis of a prompt injection attack against Cline's GitHub repo, leading to cache poisoning and a compromised NPM release.

Cache Poisoning ci/cd Github Actions prompt injection Security Vulnerability

Simon Willison

3/6/2026 • EN

Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager

A detailed analysis of a prompt injection attack against Cline's GitHub repo, exploiting AI issue triage to poison caches and compromise production releases.

Cache Poisoning Github Actions prompt injection Security Vulnerability Workflow Secrets

Simon Willison

1/14/2026 • EN

Claude Cowork Exfiltrates Files

A security vulnerability in Claude Cowork allowed file exfiltration via the Anthropic API, bypassing default HTTP restrictions.

ai security Anthropic API API Security Data Exfiltration prompt injection

Simon Willison

1/14/2026 • EN

Claude Cowork Exfiltrates Files

Security researchers found a vulnerability in Claude Cowork allowing data exfiltration via the Anthropic API, bypassing default HTTP restrictions.

Anthropic API API Security Data Exfiltration prompt injection Security Vulnerability

Simon Willison

1/12/2026 • EN

Superhuman AI Exfiltrates Emails

A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a critical security vulnerability in AI email assistants.

ai security content-security-policy Email Security Google Forms prompt injection

Simon Willison

1/12/2026 • EN

Superhuman AI Exfiltrates Emails

A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a security vulnerability in third-party integrations.

ai security content-security-policy Email Security Google Forms prompt injection

Simon Willison

1/4/2026 • EN

Secure AI Prompts with PyRIT Validation & Agent Skills

Using PyRIT and GitHub Copilot Agent Skills to validate and secure AI prompts against vulnerabilities like injection and jailbreak directly in the IDE.

ai security Github Copilot prompt injection Python visual studio code

Luke Murray