Signal criticality: High
What happened: SecurityWeek reported that zscaler says it identified two campaigns relying on indirect prompt injection, including a payment scam hiding behind API documentation, and a typosquatting operation promoting a crypto platform that impersonates DeBank. Artificial Intelligence Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web. By Ionut Arghire | July 6, 2026 (7:19 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Threat actors are using prompt injection attacks embedded in malicious websites and manipulated search results to trick AI agents into making payments or trusting fraudulent cryptocurrency platforms.
Key takeaways:
Original source: https://www.securityweek.com/prompt-injection-attacks-trick-ai-agents-into-making-crypto-payments/
Signal criticality: High
What happened: Help Net Security reported that sinisa Markovic , Managing Editor, Help Net Security July 9, 2026 Share Malicious AI agent skills can slip past the scanners built to stop them Developers who build with AI coding agents grab capabilities off public marketplaces the same way they grab packages from npm or PyPI. The add-ons are called agent skills. Each one is a little bundle of plain-English instructions, scripts, and files that a tool such as Claude Code or OpenAI Codex loads when it needs a new trick.
Key takeaways:
Original source: https://www.helpnetsecurity.com/2026/07/09/malicious-ai-agent-skills-scan/
Signal criticality: High
What happened: Help Net Security reported that orca also found that 81.2% of companies running AI packages have at least one known vulnerability, and 99.9% of AI vulnerability alerts with an available fix remain unpatched. “AI has introduced an entirely new operational layer into cloud environments,” said Nir Mishal , CISO at Orca Security. AI packages inherit vulnerabilities disclosed over the past five years, including CVEs published during the last 12 months, exposing production environments to both old and new threats.
Key takeaways:
Original source: https://www.helpnetsecurity.com/2026/07/13/ai-infrastructure-security-risks-report/
The strongest signal today is that AI security is being decided in the surrounding control layer — permissions, connectors, deterministic workflow design, response speed, and the infrastructure that still underpins trust. That is a more durable framing than generic agent hype, and it is the one worth carrying forward.