<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Prompt-Injection on CuraSec</title><link>https://curasec.metacog.co.kr/tags/prompt-injection/</link><description>Recent content in Prompt-Injection on CuraSec</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sat, 11 Jul 2026 11:49:48 +0000</lastBuildDate><atom:link href="https://curasec.metacog.co.kr/tags/prompt-injection/index.xml" rel="self" type="application/rss+xml"/><item><title>CrowdStrike Research: New Prompt Injection Techniques Uncovered</title><link>https://curasec.metacog.co.kr/insights/2026-07-11-crowdstrike-uncovers-new-prompt-injection-techniques/</link><pubDate>Sat, 11 Jul 2026 11:49:48 +0000</pubDate><guid>https://curasec.metacog.co.kr/insights/2026-07-11-crowdstrike-uncovers-new-prompt-injection-techniques/</guid><description>&lt;ul>
&lt;li>&lt;strong>Engineer — Learn:&lt;/strong> New prompt injection techniques are relevant to engineers building or integrating LLM-powered features; read to update threat model for AI application design, but no patch or config action is indicated without a summary or enrichment signals.&lt;/li>
&lt;li>&lt;strong>SOC/IR — Learn:&lt;/strong> Awareness of emerging prompt injection TTPs may eventually inform detections for AI-adjacent pipelines, but with no IOCs, ATT&amp;amp;CK mappings, or exploitation detail available, there is nothing actionable to hunt or tune today.&lt;/li>
&lt;li>&lt;strong>Leader — Skip&lt;/strong>&lt;/li>
&lt;/ul></description></item><item><title>Ghostcommit: image-hidden prompt injection fools AI code review agents</title><link>https://curasec.metacog.co.kr/insights/2026-07-11-ghostcommit-hides-prompt-injection-in-images-to-fool-ai-agen/</link><pubDate>Sat, 11 Jul 2026 11:49:48 +0000</pubDate><guid>https://curasec.metacog.co.kr/insights/2026-07-11-ghostcommit-hides-prompt-injection-in-images-to-fool-ai-agen/</guid><description>&lt;ul>
&lt;li>&lt;strong>Engineer — Plan:&lt;/strong> Research-grade but practical: any AI coding agent with access to .env or secrets files is a potential exfiltration path via a malicious image in a PR. Audit what filesystem scope your AI code-review agents hold, and restrict or deny access to credential files and secret stores.&lt;/li>
&lt;li>&lt;strong>SOC/IR — Learn:&lt;/strong> Novel TTP — prompt injection embedded in images bypasses AI reviewers that never inspect image content, then coerces coding agents into exfiltrating secrets. No active exploitation or IOCs reported; file for future detection work around anomalous AI-agent file reads.&lt;/li>
&lt;li>&lt;strong>Leader — Plan:&lt;/strong> Demonstrates that AI coding-agent tools carry unchecked secret-exfiltration risk through a non-obvious vector. Before broader AI agent adoption, establish a policy governing what repository paths and credentials these tools may access, and confirm existing vendor tools have equivalent controls.&lt;/li>
&lt;/ul></description></item></channel></rss>