Expert blog

Cybersecurity Insights, News & Expert Guides

Practical articles on cybersecurity, GDPR and compliance — straight from Fib.Code experts.

Filter by tag

April 25, 202616 min

Prompt Injection — Your Corporate Chatbot Just Leaked the Whole Board's Salaries

Every AI agent with access to corporate Confluence, SharePoint, Outlook or Slack is vulnerable to indirect prompt injection — an attacker embeds a command inside a document or email, and the agent, while serving a seemingly harmless user request, fetches that document and obediently executes the enemy's command. This is not an academic concern — the last eighteen months have produced dozens of documented working attacks against Microsoft 365 Copilot, Notion AI, Slack AI, ChatGPT with connectors and custom RAG agents. No firewall will stop it, because it is text, not code.

Prompt InjectionOWASP LLM Top 10AI Agents+5

Cyberbezpieczeństwo

April 20, 202614 min

Cyber Resilience Act — Your Buggy Product Is About to Disappear from the EU Market

From 11 December 2027, every product with digital elements sold in the European Union must meet essential cybersecurity requirements, report vulnerabilities to ENISA and provide a minimum five-year update horizon. Yet eight out of ten Polish manufacturers of IoT, industrial automation and SaaS products are still unaware that within eighteen months their product may be withdrawn from the market by a market surveillance authority. Regulation 2024/2847 — the Cyber Resilience Act — equates a software bug with a product defect: the manufacturer is liable, the customer recovers.

Cyber Resilience ActCRACompliance+5

Cyberbezpieczeństwo

April 17, 20269 min

Information Security in District Heating — KITEIC Webinar Recap

Fib.Code CEO Łukasz Grabowski delivered a webinar for district heating sector representatives on ISMS implementation, NIS-2 and ISO 27001:2022 compliance, and IT/OT security. A summary of the key topics covered during the event hosted by KITEIC.

CyberbezpieczeństwoNIS-2ISO 27001+4

Cyberbezpieczeństwo

April 14, 202612 min

Shadow AI — The Invisible Employee Taking Your Data Out Every Day

Your organization employs someone who isn't on the payroll, never signed a confidentiality agreement, and takes contracts, customer data, commercial strategies and source code out the door every day. It's called Shadow AI. And unlike typical insider threats, the culprits don't know they're doing anything wrong.

Shadow AIAI ActRODO+4

Compliance

April 10, 20269 min

AI Act and Information Security — How New Regulations Intersect

The AI Act takes effect in August 2026. Learn how the new AI regulations intersect with GDPR, NIS-2 and ISO 27001 — and what it means for your organization.

ComplianceRODOCyberbezpieczeństwo+1

Cyberbezpieczeństwo

April 6, 20268 min

KSC Amendment 2026 — What You Need to Know After April 3

The amended KSC Act entered into force on April 3, 2026. Learn the key deadlines, obligations for important and essential entities, and consequences of failing to register in the S46 system.

NIS-2ComplianceCyberbezpieczeństwo+1

Fib.Code

Cybersecurity Insights, News & Expert Guides

Latest Articles

Prompt Injection — Your Corporate Chatbot Just Leaked the Whole Board's Salaries

Cyber Resilience Act — Your Buggy Product Is About to Disappear from the EU Market

Information Security in District Heating — KITEIC Webinar Recap

Shadow AI — The Invisible Employee Taking Your Data Out Every Day

AI Act and Information Security — How New Regulations Intersect

KSC Amendment 2026 — What You Need to Know After April 3

Cybersecurity Insights, News & Expert Guides

Latest Articles

Prompt Injection — Your Corporate Chatbot Just Leaked the Whole Board's Salaries

Cyber Resilience Act — Your Buggy Product Is About to Disappear from the EU Market

Information Security in District Heating — KITEIC Webinar Recap

Shadow AI — The Invisible Employee Taking Your Data Out Every Day

AI Act and Information Security — How New Regulations Intersect

KSC Amendment 2026 — What You Need to Know After April 3