Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended boundaries.