Analysis of Microsoft's AI Prompt Defense Stack, including Prompt Shields, Spotlighting, and Defender for Cloud, to protect against prompt injection attacks.
Hackers exploited Meta's AI support bot to take over high-profile Instagram accounts by simply asking it to change linked emails.
Hackers exploited Meta's AI chatbot to hijack high-profile Instagram accounts by simply asking it to change account recovery details.
Analysis of UK government guidance on AI, open code, and vulnerability risk in the public sector, emphasizing remediation over code visibility.
A software developer reflects on balancing writing a book on effective writing for developers with AI-assisted bug bounty hunting.
Explores whether prompt injection in AI systems is an unsolvable structural problem or just an unfixed vulnerability.
Analysis of Anthropic Mythos's impact on cybersecurity, debunking hype and examining real LLM capabilities in vulnerability detection.
Explains why running AI locally on your own hardware is the best way to maintain HIPAA compliance, avoiding costly and restrictive cloud options.
Anthropic researcher uses Claude Code to discover multiple Linux kernel vulnerabilities, including one hidden for 23 years.
Report on a prompt injection attack that allowed Snowflake's Cortex AI agent to escape its sandbox and execute malware.
Report on a prompt injection attack in Snowflake's Cortex AI agent that allowed malware execution, now fixed.
Anthropic's Claude AI reportedly discovered 500 zero-day vulnerabilities, sparking debate on AI's role in security research.
Anthropic's Claude AI reportedly discovered 500 zero-day vulnerabilities, sparking debate on AI's role in security research.
Analysis of the 2026 cybersecurity landscape, focusing on AI's dual role in attacks/defense, ransomware evolution, and new defense strategies.
A security vulnerability in Claude Cowork allowed file exfiltration via the Anthropic API, bypassing default HTTP restrictions.
A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a security vulnerability in third-party integrations.
A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a critical security vulnerability in AI email assistants.
A comprehensive guide to different sandboxing technologies for safely running untrusted AI code, covering containers, microVMs, gVisor, and WebAssembly.
A comprehensive guide exploring different sandboxing techniques for safely running untrusted AI code, including containers, microVMs, and WebAssembly.
Using PyRIT and GitHub Copilot Agent Skills to validate and secure AI prompts against vulnerabilities like injection and jailbreak directly in the IDE.
