China Briefing

China’s Agentic AI Boom: What the OpenClaw Surge Reveals

China Agentic AI OpenClaw surge signals a shift toward autonomous AI systems, reshaping cloud competition and enterprise ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
CSO Online

Copilot and Agentforce fall to form-based prompt injection tricks

Prompt injection flaws in Microsoft Copilot Studio and Salesforce Agentforce let attackers weaponize form inputs to override ...
The Next Web

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Researchers hijacked Claude, Gemini, and Copilot AI agents via prompt injection to steal API keys and tokens. All three ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...