Two critical CVEs in Microsoft Semantic Kernel let attackers chain prompt injection into arbitrary file writes and code execution. Patch to .NET SDK 1.71.0 and Python SDK 1.39.4 immediately.
Two critical CVEs in Microsoft Semantic Kernel let attackers chain prompt injection into arbitrary file writes and code execution. Patch to .NET SDK 1.71.0 and Python SDK 1.39.4 immediately.
Palo Alto Networks Unit 42 disclosed a Vertex AI SDK vulnerability where predictable staging bucket names let attackers hijack model uploads and achieve code execution across tenant boundaries. Patched in April 2026, disclosed June 16.
Check Point Research found three CVEs in LangGraph's persistence layer. CVE-2025-67644 SQLi chains with CVE-2026-28277 deserialization to reach RCE.
LLMs suggest non-existent package names in 20-30% of coding responses. Attackers register these hallucinated names with malicious payloads — slopsquatting as a supply chain attack.
AI prompt injection attack vectors — direct injection, indirect via tool outputs, multi-turn manipulation — with observed real-world attacks and a layered defensive stack.