This page collects WhisperX intelligence signals tagged #ai-security. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A prompt injection vulnerability has been identified in WhisperX's internal AI service infrastructure, specifically within `apps/intelligence/app/services/prometheus.py`. The flaw allows an attacker to manipulate LLM-generated responses by injecting arbitrary instructions through unsanitized `userId` and `vaultId` quer...
Microsoft security researchers have identified critical remote code execution (RCE) vulnerabilities in widely deployed AI agent frameworks, warning that prompt injection techniques can be weaponized to compromise systems at scale. The research, published on the Microsoft Security Blog, demonstrates how carefully crafte...
A static analysis scan has identified a critically outdated and heavily vulnerable version of the LangChain package embedded within the AutoAgents project hosted on GitHub. The affected artifact—langchain-0.0.231-py3-none-any.whl—was flagged with 21 distinct security vulnerabilities, the most severe carrying a CVSS sco...
Automated red team testing has identified a high-severity indirect prompt injection vulnerability in an AI endpoint hosted at http://34.16.47.248:8882. The flaw, classified under the OWASP LLM01:2025 framework, successfully exploited the model's susceptibility to resume-based injection instructions with 90% judge confi...
Agentic AI systems are actively running in production environments across numerous organizations, executing tasks, consuming data, and taking autonomous actions—largely without meaningful security team involvement. This deployment reality represents a significant and largely unrecognized attack surface, according to se...
Organizations face a sharply expanding attack surface as exposed AI credentials—including OpenAI and Azure OpenAI API keys—have surged 140% over the past year, according to new intelligence from SentinelOne. The spike tracks directly with shadow AI adoption, as development teams embed AI services into workflows outside...