llm
76 articles with this tag
Severity  Title
MEDIUM    All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers
MEDIUM    RCE in Strix Agent (Sandbox): A practical guide to prompt injections with impact
INFO      Prompt Injection finally broke my brain a little. My first article as a security student.
INFO      Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows
INFO      Sandyaa: Open-source autonomous security bug hunter
HIGH      [NEW] [high] LangChain: Vulnerability allows file manipulation and information disclosure
CRITICAL  Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
HIGH      [NEW] [high] LiteLLM: Vulnerability allows code execution and information disclosure
CRITICAL  [NEW] [high] LiteLLM: Vulnerability allows bypassing security measures
LOW       The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords
MEDIUM    Indirect prompt injection is taking hold in the wild
INFO      Groundcover expands AI Observability for LLM interactions
INFO      Researchers Simulated a Delusional User to Test Chatbot Safety
HIGH      VU#518910: Ollama GGUF Quantization Remote Memory Leak
CRITICAL  SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
CRITICAL  VU#915947: SGLang is vulnerable to remote code execution when rendering chat templates from a model file
INFO      Unweight: how we compressed an LLM 22% without sacrificing quality
INFO      Building the foundation for running extra-large language models
CRITICAL  [NEW] [high] Flowise: Multiple vulnerabilities
MEDIUM    Command integrity breaks in the LLM routing layer
HIGH      Unpatched RAGFlow Vulnerability Allows Post-Auth RCE
MEDIUM    [NEW] [medium] vllm: Multiple vulnerabilities
CRITICAL  Max severity Flowise RCE vulnerability now exploited in attacks
CRITICAL  Critical Flowise Vulnerability in Attacker Crosshairs
HIGH      DeepZero: An automated LLM/Ghidra pipeline for finding BYOVD zero-days in Windows drivers
INFO      Google Workspace's continuous approach to mitigating indirect prompt injections
HIGH      Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
INFO      An attack class that passes every current LLM filter
CRITICAL  LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
HIGH      A nearly undetectable LLM attack needs only a handful of poisoned samples
INFO      Training an AI agent to attack LLM applications like a real adversary
MEDIUM    Novee introduces autonomous AI red teaming to hunt LLM vulnerabilities
INFO      Microsoft details AI prompt abuse techniques targeting AI assistants
HIGH      VU#665416: SGLang (sglang) is vulnerable to code execution attacks via unsafe pickle deserialization
MEDIUM    Researchers Discover Major Security Gaps in LLM Guardrails
INFO      Auditing the Gatekeepers: Fuzzing "AI Judges" to Bypass Security Controls
HIGH      Claude Used to Hack Mexican Government
MEDIUM    Red Teaming LLM Web Apps with Promptfoo: Writing a Custom Provider for Real-World Pentesting
HIGH      [UPDATE] [high] vllm and PyTorch: Vulnerability allows DoS and potential code execution
HIGH      [UPDATE] [high] vllm: Multiple vulnerabilities
MEDIUM    Reverse CAPTCHA: Evaluating LLM Susceptibility to Invisible Unicode Instruction Injection
INFO      Reverse CAPTCHA: Evaluating LLM Susceptibility to Invisible Unicode Instruction Injection
LOW       I made Mistral believe Donald Trump runs OpenAI, here's how
MEDIUM    Arkanix Stealer pops up as short-lived AI info-stealer experiment
INFO      Anthropic rolls out embedded security scanning for Claude
MEDIUM    Hacking LLMs: How to Prevent Prompt Injection Attacks Now
LOW       LLMs change their answers based on who's asking
INFO      Virtana expands MCP Server to bring full-stack enterprise context to AI agents
MEDIUM    Side-Channel Attacks Against LLMs
INFO      Prompt Injection Standardization: Text Techniques vs Intent
INFO      Security audit for LLM skill files: skillaudit.sh
LOW       The Promptware Kill Chain
INFO      I built a free, open-source platform to learn GenAI security, learning content + hands-on labs against real LLMs (beta, looking for feedback)
INFO      Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer | Microsoft Security Blog
MEDIUM    VoidLink Linux C2 Uses LLM-Generated Malware with Kernel-Level Stealth
INFO      The OpenClaw experiment is a warning shot for enterprise AI security
INFO      The Future of AI Agent Security Is Guardrails
INFO      1Password open sources a benchmark to stop AI agents from leaking credentials
LOW       AI Skills Represent Dangerous New Attack Surface, Says TrendAI
INFO      Augustus: Open Source LLM Prompt Injection Tool
INFO      Measuring AI Security: Separating Signal from Panic
INFO      Augustus: Open Source LLM Prompt Injection Tool
MEDIUM    A one-prompt attack that breaks LLM safety alignment
INFO      Chatbots Make Terrible Doctors, New Study Finds
HIGH      AI chat app leak exposes 300 million messages tied to 25 million users
INFO      ⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
INFO      LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days
HIGH      AI as an AWS attack accelerator
INFO      Vibe Coding Is Killing Open Source Software, Researchers Argue
INFO      Julius - Open Source LLM Service Fingerprinting Tool
HIGH      AWS intruder achieved admin access in under 10 minutes thanks to AI assist, researchers say
HIGH      175,000 Exposed Ollama Hosts Could Enable LLM Abuse
INFO      LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams
MEDIUM    Silent Brothers | Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails
INFO      Using MCP Servers: From Quick Tools to Multi-Agent Systems
MEDIUM    AI & the Death of Accuracy: What It Means for Zero-Trust