MUST READ

Crafted URLs can trick OpenAI Atlas into running dangerous commands

 | 

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

 | 

Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws

 | 

Safepay ransomware group claims the hack of professional video surveillance provider Xortec

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

 | 

Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed

 | 

CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack

 | 

U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog

 | 

Summoning Team won Master of Pwn as Pwn2Own Ireland Rewards $1,024,750

 | 

China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom

 | 

Pwn2Own Day 2: Organizers paid $792K for 56 0-days

 | 

Lazarus targets European defense firms in UAV-themed Operation DreamJob

 | 

U.S. CISA adds Motex LANSCOPE flaw to its Known Exploited Vulnerabilities catalog

 | 

Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw

 | 

Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy

 | 

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

 | 

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

 | 

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

 | 

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

 | 

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

 | 

OpenAI Atlas

Pierluigi Paganini October 27, 2025
Crafted URLs can trick OpenAI Atlas into running dangerous commands

Attackers can trick OpenAI Atlas browser via prompt injection, treating malicious instructions disguised as URLs in the omnibox as trusted commands. Attackers can exploit the OpenAI Atlas browser by disguising malicious instructions as URLs in the omnibox, which Atlas interprets as trusted commands, enabling harmful actions. NeuralTrust researchers warn that agentic browsers fail by not […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Crafted URLs can trick OpenAI Atlas into running dangerous commands

Hacking / October 27, 2025

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

Malware / October 27, 2025

Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws

Uncategorized / October 27, 2025

Safepay ransomware group claims the hack of professional video surveillance provider Xortec

Malware / October 26, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68

Security / October 26, 2025