Humans are not perfect and this tends to show in what we create. That's why we will always have vulnerabilities in our software. As if that's not enough to cause a headache, there are those ready to exploit them for fun, profit, to patch them, or wreak havoc on the affected system(s).
With the growing popularity of Generative AI, we can add Prompt Injection to the list of vulnerabilities that defenders have to defend against in modern AI systems.
Welcome to this week's security review here on DEV. I remain your host, Habdul Hazeez. The two opening paragraphs of this edition are an introduction to what we're about to review. So, let's begin.
The calm before the ransom: What you see is not all there is
What I want you to take away from this article: Just because everything is calm in your environment, it does not mean that your system is safe. Who knows, the login for your critical infrastructure may already be on sale and just waiting for someone interested in attacking you to buy it and come after you.
From the article:
...the absence of a visible incident is just silence, and silence can mean several things. The company with an immaculate record may indeed have top-notch defenses. But it may also have avoided the attention of anyone ill-intentioned
In its 2025 Data Breach Investigations Report, Verizon put a number on how wide the gap between perceived security and actual exposure can get: it found that 54% of ransomware victims had their domains appear in at least one infostealer log or illicit marketplace posting before the attack.
Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google
The title of the article is perfectly phrased to reflect what the article is trying to convey. I'll add the following: it's only a matter of time before that sophistication changes from "low" to "high". What happens if Mythos is released publicly? I don't know. You tell me.
From the article:
The most important, however, from a security standpoint are the malicious prompt injection attempts. The researchers uncovered two types of such attacks: exfiltration and destruction.
Some websites contained prompts instructing AI to collect data, including IPs and credentials, and send it to an attacker-specified email address.
Critical GitHub Vulnerability Exposed Millions of Repositories
I was stunned when I saw the article's title. Surprised when I read it. Happy when I learned that they [the researchers] informed GitHub and they patched it the same day, March 4, 2026. However, at the time of writing, the article noted that 88 percent of Enterprise Server instances have not been updated to a patched version.
From the article:
By exploiting an injection flaw in GitHub’s internal protocol, any authenticated user could execute arbitrary commands on GitHub’s backend servers with a single git push command – using nothing but a standard git client.
In the case of GitHub Enterprise Server, an attacker can exploit the vulnerability to fully compromise the server and gain access to all repositories and internal secrets.
Popular WordPress redirect plugin hid dormant backdoor for years
I really don't know what to say about this. Undoubtedly, this is a breach of trust of whoever was using that plug-in on their website.
From the article:
The real danger for impacted websites, though, comes from the updating mechanism itself, which enabled arbitrary code execution on demand. That mechanism is still present on sites using the plugin, but dormant because the malicious external command-and-control subdomain does not resolve. The domain is active, though.
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
And trust me, you should!
Here is what's going on:
...web hosting and domain registration company Namecheap disclosed that it "relates to an authentication login exploit that could allow unauthorized access to the control panel."
The authentication bypass vulnerability has been assigned the CVE identifier CVE-2026-41940, and carries a CVSS score of 9.8 out of 10.0. In an update to its advisory, cPanel said patches have also been pushed to WP Squared version 136.1.7.
The most severe Linux threat to surface in years catches the world flat-footed
Given the significant role that Linux plays in the world right now, this does not look good. For added context, the name of the vulnerability is CopyFail.
More details:
The critical flaw, tracked as CVE-2026-31431 and the name CopyFail, is a local privilege escalation, a vulnerability class that allows unprivileged users to elevate themselves to administrators. CopyFail is particularly severe because it can be exploited with a single piece of exploit code
With that, an attacker can, among other things, hack multi-tenant systems, break out of containers based on Kubernetes or other frameworks, and create malicious pull requests that pipe the exploit code through CI/CD work flows.
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
When I read articles like this, genuinely, I am not surprised. Why? Attackers always, I repeat, always try to find a way to compromise a system.
From the article:
What makes the attack chain noteworthy is that the core Python implant is embedded directly inside the dropper script, from where it's extracted, reconstructed, and executed. This reduces the need for repeatedly having to reach out to external infrastructure and minimizes the forensic footprint.
Once launched, the malware establishes communication with "bore[.]pub," a Rust-based tunneling service, allowing the operator to issue commands that facilitate remote command execution and extensive surveillance.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.
Top comments (0)