Comet, an AI assistant, faces the challenge of malicious prompt injection, which manipulates its decision-making without exploiting software bugs. To combat this, Perplexity employs a defense-in-depth strategy that includes real-time detection, user controls, and transparent notifications to maintain user trust and safety.

Researchers from Tel Aviv University have demonstrated a new type of cyber attack they call "promptware" by using calendar events to manipulate Google's AI, Gemini, into controlling smart home devices. By embedding malicious instructions in calendar appointments, they successfully executed indirect prompt injection attacks, allowing unauthorized control over devices like lights and thermostats. This incident marks a significant shift in how AI vulnerabilities can impact the physical world.

A newly discovered malware prototype named "Skynet" attempts to manipulate AI tools by instructing them to ignore its malicious code. Although the malware's design is rudimentary and ineffective, it highlights emerging trends in the intersection of AI and cybersecurity, raising concerns about future evasion tactics.

Google DeepMind has released a white paper detailing the security enhancements made to Gemini 2.5, focusing on combating indirect prompt injection attacks which pose cybersecurity risks. The article highlights the use of automated red teaming and model hardening to improve Gemini's defenses, ensuring the AI can better recognize and disregard malicious instructions while maintaining performance on normal tasks.