Product
high
advisory
AI Agent Data Theft via Indirect Prompt Injection
1 rule 2 TTPsAttackers are leveraging indirect prompt injection against AI agents with access to private data, untrusted content, and external communication channels to steal sensitive information by embedding malicious instructions in content processed by the agent.
GitHub Copilot Agent +4
ai-agent
prompt-injection
data-theft
ai-security
1r
2t
medium
advisory
GenAI Process Connection to Unusual Domain on macOS
2 rules 1 TTPThis rule detects GenAI tools on macOS connecting to unusual domains, potentially indicating command and control activity, data exfiltration, or malicious payload retrieval following compromise via prompt injection, malicious MCP servers, or poisoned plugins.
Copilot +22
genai
command and control
macos
network connection
2r
1t