A systematic analysis of indirect prompt injection through tool call responses in LangChain, LlamaIndex and AutoGen-style agents — how malicious content in external data sources can hijack agent behaviour and the controls that mitigate it.
Analysis of a novel attack class targeting agentic AI systems: how injected instructions in tool outputs can escalate an agent's effective permissions, exfiltrate data, and pivot to internal services — and how to defend against it.
A UK law firm has disclosed a data breach in which an attacker exploited a misconfigured AI document assistant to systematically extract privileged client communications and M&A due diligence files over a six-week period.