Sign up to save your podcasts
Or
Share This Week in AI Security - 11th December 2025
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
This Week in AI Security - 11th December 2025
In this week's episode, Jeremy focuses on the escalating threat of prompt injection across the enterprise, the introduction of a new OWASP Top 10 list, and a surprising advisory from Gartner.
Prompt Injection & RCE:
- PromptPwnd: A vulnerability in GitHub Actions allows attackers to use malicious commit messages to perform prompt injection against AI agents, executing privileged tools and leaking secrets from CI/CD pipelines.
- IDE Attack Surface: Similar prompt injection flaws were identified in popular development environments and extensions (Cursor, Copilot, Z-Ro), showing how malicious prompts can bypass guardrails and hijack context within the IDE.
- GeminiJack: A "zero-click" vulnerability in Google Gemini Enterprise and Vertex AI Search allowed attackers to embed indirect prompt injections in shared documents (Gmail, Calendar, Docs). A routine employee search would activate the attack, causing the AI to exfiltrate sensitive corporate data.
Industry Shifts:
- Gartner's Advisory: Gartner issued an unusual strong advisory recommending that CISOs block all AI browsers (like ChatGPT Atlas and Perplexity Comet) for the foreseeable future due to inherent security risks, including data leakage, credential abuse, and autonomous rogue actions.
- New OWASp Top 10: The OWASp Top 10 for Agentic Applications was released, focusing on risks unique to autonomous, tool-using systems, such as Agent Goal Hijack, Identity and Privilege Abuse, and Agentic Supply Chain Vulnerabilities.
Episode Links:
- https://gbhackers.com/prompt-injection-vulnerability-in-github-actions/
- https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html
- https://securityboulevard.com/2025/12/indirect-malicious-prompt-technique-targets-google-gemini-enterprise/
- https://securityboulevard.com/2025/12/gartners-ai-browser-ban-rearranging-deck-chairs-on-the-titanic/
- https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/
++++++++++
Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo
View all episodes
By Jeremy SnyderIn this week's episode, Jeremy focuses on the escalating threat of prompt injection across the enterprise, the introduction of a new OWASP Top 10 list, and a surprising advisory from Gartner.
Prompt Injection & RCE:
- PromptPwnd: A vulnerability in GitHub Actions allows attackers to use malicious commit messages to perform prompt injection against AI agents, executing privileged tools and leaking secrets from CI/CD pipelines.
- IDE Attack Surface: Similar prompt injection flaws were identified in popular development environments and extensions (Cursor, Copilot, Z-Ro), showing how malicious prompts can bypass guardrails and hijack context within the IDE.
- GeminiJack: A "zero-click" vulnerability in Google Gemini Enterprise and Vertex AI Search allowed attackers to embed indirect prompt injections in shared documents (Gmail, Calendar, Docs). A routine employee search would activate the attack, causing the AI to exfiltrate sensitive corporate data.
Industry Shifts:
- Gartner's Advisory: Gartner issued an unusual strong advisory recommending that CISOs block all AI browsers (like ChatGPT Atlas and Perplexity Comet) for the foreseeable future due to inherent security risks, including data leakage, credential abuse, and autonomous rogue actions.
- New OWASp Top 10: The OWASp Top 10 for Agentic Applications was released, focusing on risks unique to autonomous, tool-using systems, such as Agent Goal Hijack, Identity and Privilege Abuse, and Agentic Supply Chain Vulnerabilities.
Episode Links:
- https://gbhackers.com/prompt-injection-vulnerability-in-github-actions/
- https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html
- https://securityboulevard.com/2025/12/indirect-malicious-prompt-technique-targets-google-gemini-enterprise/
- https://securityboulevard.com/2025/12/gartners-ai-browser-ban-rearranging-deck-chairs-on-the-titanic/
- https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/
++++++++++
Worried about AI security? Get Complete AI Visibility in 15 Minutes. Discover all of your shadow AI now. Book a demo of Firetail's AI Security & Governance Platform: https://www.firetail.ai/request-a-demo