All posts
-
The Gentlemen Ransomware: AI-Assisted Development, 332 Victims, and the OSINT Trail That Exposed a Russian Admin
Security researchers have identified the suspected administrator of The Gentlemen, the world's second-most-active RaaS by victim count, as a Russian
-
LLM Security Risks: The 2025 Threat Landscape for AI Deployments
A practitioner breakdown of LLM security risks covering the OWASP Top 10 for LLM Applications 2025, MITRE ATLAS AI attack tactics, and concrete mitigation
-
Building an AI Security Incident Response Plan
A practical incident response plan for AI systems — what a prompt-injection or model-extraction incident looks like, how the NIST SP 800-61r3 / CSF 2.
-
The NIST AI Risk Management Framework: A Practitioner's Field Guide
What the NIST AI RMF actually asks you to do — the GOVERN, MAP, MEASURE, MANAGE functions, the Generative AI Profile's 12 risk categories, and how a
-
CISA Contractor Exposed AWS GovCloud Admin Keys and Plaintext Passwords on Public GitHub Repo
A Nightwing contractor's public GitHub repository exposed administrative credentials to three AWS GovCloud accounts and dozens of internal CISA systems
-
Deepfake Cybersecurity: Detection Methods and Practical Defenses
From the FBI's May 2025 warning on AI voice attacks targeting US officials to NIST's synthetic content framework, here is what detection technology
-
Generative AI Risks: A Technical Reference for Security Teams
A practitioner-focused breakdown of generative AI risks mapped against NIST AI 600-1 and the OWASP Top 10 for LLMs — prompt injection, data poisoning
-
Machine Learning Security: Attack Taxonomy, CVEs, and Defenses
A technical overview of machine learning security threats in 2026: NIST's adversarial ML taxonomy, MITRE ATLAS attack classes, the CVE-2025-62164 vLLM
-
OpenAI Security: Bug Bounties, CVE Disclosure, Mixpanel Breach
A practitioner's overview of OpenAI security in 2026: their bug bounty program, CNA status, the November 2025 Mixpanel breach, and what security teams
-
ChatGPT Security: Patched Flaws, Persistent Gaps, Unsolved Risks
A technical review of ChatGPT security vulnerabilities disclosed in 2025-2026: DNS-based data exfiltration, ZombieAgent prompt injection bypass, Codex
-
ChatGPT Security: Risks, Controls, and How to Use It Safely
A practitioner's guide to ChatGPT security in 2026: how OpenAI protects enterprise data, where prompt injection and account-takeover risks live, and the
-
CISA AI Security Guidance: What Organizations Need in 2026
A breakdown of CISA's published AI security guidance — what it covers, what it requires, and how organizations should operationalize it.
-
Deepfake Cybersecurity: Five Confirmed Cases and the Patterns
A working catalog of confirmed deepfake cybersecurity incidents from 2024 and 2025 — from Arup's $25M loss to Ferrari's averted scam — and the controls
-
Deepfake Cybersecurity: Attack Vectors and Defenses for 2026
Deepfake cybersecurity has moved from theoretical risk to documented billion-dollar loss category. Here's what the attack surface looks like, why
-
Generative AI Risks: A Practical Taxonomy for Security Teams
Generative AI risks span prompt injection, data poisoning, supply chain vulnerabilities, hallucination, and governance failures.
-
How to Track AI Security Alerts: CISA, NIST, and Vendor Feeds
A practical guide to the official and community sources for AI security alerts — what each publishes, how frequently, and how to integrate them into a
-
LLM Security Alerts: Monitoring, Detection, and Response
A practical guide to setting up LLM security alerting — what to monitor, what alert patterns indicate compromise or attack, how to triage LLM security
-
LLM Security Risks: A Practitioner's Field Guide for 2025
A comprehensive breakdown of LLM security risks — prompt injection, supply chain poisoning, excessive agency, and model extraction — with mitigation
-
Machine Learning Security Across the Pipeline: Data to Deployment
Machine learning security vulnerabilities enter at every stage — data ingestion, model training, artifact storage, and inference.
-
Machine Learning Security: Threats, Frameworks, and Defenses
A practitioner's reference for machine learning security: the canonical attack categories, the frameworks that catalog them (NIST AI 100-2, OWASP ML Top
-
AI-Generated Phishing and the Collapse of Spearphishing Cost
Crafting a convincing, personalized phishing email once required hours of research per target. Large language models have reduced that cost to seconds.
-
AI Agent Security Incidents: When Autonomous AI Went Wrong
A documented review of security incidents involving autonomous AI agents in 2024-2025, covering tool misuse, privilege escalation via injection, and the
-
What Red Teamers Are Finding in 2026: LLM Defense Gaps
Enterprise LLM deployments are being red-teamed at scale for the first time. Security practitioners find consistent failure patterns — misconfigured
-
CISA's KEV Catalog: What It Tells Us About AI/ML Security
The CISA KEV catalog tracks vulnerabilities with confirmed active exploitation. Examining KEV entries for AI/ML-adjacent components reveals which parts of
-
Compromised Models on Hugging Face: Pickle Exploits in the Hub
Malicious actors have uploaded model files to Hugging Face containing pickle payloads that execute arbitrary code the moment the file is loaded (unpickled), not merely downloaded; anything that calls pickle.loads on the artifact, including torch.load with weights_only=False, runs the payload.
-
CVE Roundup: AI/ML Infrastructure Vulnerabilities — Q1 2026
A quarterly review of critical CVEs disclosed in Q1 2026 affecting model serving infrastructure: vLLM, NVIDIA Triton Inference Server, Gradio, LangChain
-
Hugging Face Security Incidents: Malicious Models and Token Theft
A review of documented security incidents on the Hugging Face platform, including malicious model uploads, the 2024 Spaces infrastructure breach, and the
-
Major Jailbreak Techniques of 2025: Disclosures and What Persists
A roundup of significant jailbreak techniques disclosed or widely documented in 2025, including many-shot jailbreaking, crescendo attacks, cipher-based
-
Model File Format Flaws: Pickle, ONNX, and SafeTensors
Unsafe deserialization in PyTorch's pickle-based format has enabled malicious model distribution for years. This post explains how pickle exploitation
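The download-versus-load distinction behind the two pickle entries above (the Hugging Face malicious-model entry and this one), shown as an added example that is not code from either post: a constructed pickle whose `__reduce__` names a harmless stand-in callable (`_attacker_callback`, hypothetical, used instead of `os.system` so the side effect is visible rather than destructive), a static opcode scan using the standard library's `pickletools` that refuses the file without executing anything, and the plain `pickle.loads` that triggers the payload. All names and sample data are constructed for the demo.

```python
import pickle
import pickletools

# Side-effect log for the demo callback below (constructed for this example).
EXECUTED = []


def _attacker_callback(marker):
    # Stand-in for os.system / subprocess.Popen: the unpickler calls whatever
    # callable the pickle names, with whatever arguments the pickle carries.
    EXECUTED.append(marker)
    return marker


class PayloadCarrier:
    # __reduce__ is the hook pickle uses to rebuild an object. Returning
    # (callable, args) makes the unpickler call that callable at load time.
    def __reduce__(self):
        return (_attacker_callback, ("payload ran at load time",))


def build_malicious_model_bytes():
    # Looks like a weights dict; the "meta" entry carries the payload.
    return pickle.dumps({"weights": [0.1, 0.2], "meta": PayloadCarrier()}, protocol=4)


def build_benign_model_bytes():
    return pickle.dumps({"weights": [0.1, 0.2], "meta": {"arch": "mlp"}}, protocol=4)


# Opcodes that import names or call/build objects. A pickle that only carries
# nested dicts, lists, numbers and strings never needs any of them.
RISKY_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ",
                 "NEWOBJ", "NEWOBJ_EX", "BUILD"}
STRING_OPCODES = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}


def scan_pickle(data):
    """Walk the opcode stream without executing it; return (opcode, detail) findings."""
    findings = []
    recent_strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPCODES:
            recent_strings.append(arg)
        if op.name not in RISKY_OPCODES:
            continue
        if op.name == "GLOBAL":
            detail = arg.replace(" ", ".")          # protocol <4: "module name"
        elif op.name == "STACK_GLOBAL":
            # Protocol 4 pushes module and name as strings right before
            # STACK_GLOBAL; reading the last two is a best-effort resolution.
            detail = ".".join(recent_strings[-2:])
        else:
            detail = ""
        findings.append((op.name, detail))
    return findings


def unsafe_load(data):
    # What plain pickle, joblib and torch.load(weights_only=False) do.
    return pickle.loads(data)


def safe_load(data):
    # Refuse before any opcode runs; a weights-only pickle passes the scan.
    findings = scan_pickle(data)
    if findings:
        raise ValueError(f"refusing to unpickle: {findings}")
    return pickle.loads(data)


if __name__ == "__main__":
    blob = build_malicious_model_bytes()
    print("bytes on disk, side effects so far:", EXECUTED)   # nothing yet
    print("scan findings:", scan_pickle(blob))
    try:
        safe_load(blob)
    except ValueError as exc:
        print("blocked:", exc)
    unsafe_load(blob)
    print("after pickle.loads:", EXECUTED)                  # payload ran
```

The scan rejects any pickle that imports or calls, which is the same idea dedicated scanners such as picklescan and fickling refine with allowlists and stack emulation. Since PyTorch 2.6, torch.load defaults to weights_only=True, which restricts the unpickler to tensor and container types; safetensors sidesteps the issue entirely because the format carries no code to execute.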
-
OWASP LLM Top 10 2025: What Changed and Why It Matters
The OWASP Top 10 for Large Language Model Applications was updated for 2025. Here is a breakdown of what moved, what was added, and why the changes
-
Prompt Injection via Email: How AI Agents Get Hijacked
Email is the highest-volume source of untrusted content in enterprise environments — and it's now being fed directly into AI agents.
-
Data Poisoning in RAG Systems: A 2026 Threat Briefing
Attackers are actively poisoning retrieval-augmented generation knowledge bases in enterprise deployments. This briefing documents the current threat
-
RAG Poisoning: How Retrieval-Augmented Systems Get Compromised
RAG systems inherit all the vulnerabilities of LLMs and add a new one: the retrieval corpus. Injecting malicious content into retrieved sources can hijack
-
Shadow AI: Ungoverned LLM API Keys and Data Exfiltration Risk
Employees using personal Claude, OpenAI, and Gemini API keys for work tasks bypass corporate DLP controls and send sensitive business data to external
-
AI Security: Attack Categories, Defense Gaps, and How to Respond
A practitioner guide to the four core attack categories against AI/ML systems — from adversarial inputs to supply chain compromise — with mitigation
-
Model Extraction Attacks: How Adversaries Steal AI via the API
Model extraction attacks reconstruct proprietary AI models by querying their public APIs. Here's how they work, what has been demonstrated against real
-
Weekly AI Security Digest — May Week 2, 2026
Top five AI security developments from May 5-9, 2026: CISA guidance on AI in critical infrastructure, new prompt injection research, LLM supply chain
-
A Practical Guide to AI Red-Teaming for Security Teams
Red-teaming LLMs requires different skills and methodology than traditional network or application penetration testing.
-
AI System Security Audit Checklist for 2026
A practical audit checklist for AI systems covering model inputs, training pipeline, outputs, access control, logging, and red-team requirements.
-
How to Benchmark AI Security Tools: A 2026 Methodology
Choosing an AI security tool without a structured evaluation methodology is expensive guesswork. This guide covers the metrics that matter, the pitfalls
-
The Samsung ChatGPT Data Leak: Lessons for Enterprise AI
In 2023, Samsung employees leaked proprietary source code and meeting notes through ChatGPT. This incident defined a category of enterprise AI risk that
-
Prompt Injection in the Wild: Incidents from 2024-2025
A catalog of confirmed prompt injection incidents in real deployments: Bing Chat, Slack AI, email assistants, and customer service bots.
-
Tool Review: Garak, the LLM Vulnerability Scanner
Garak is an open-source LLM vulnerability scanner from NVIDIA that probes language models for dozens of failure modes.
-
CVE-2026-7845: Hash Collision in Langchain-Chatchat
A weak-hash flaw in Langchain-Chatchat up to 0.3.1.3 lets an adjacent attacker overwrite pasted images by colliding MD5 hashes computed from PIL.Image.
-
AI/ML CVE Roundup: May 2026 — What Got Patched
A summary of AI and ML-adjacent CVEs disclosed in early–mid 2026 across model serving frameworks, LLM API gateways, agent SDKs, and ML training libraries.
-
Model Theft via API: How Extraction Attacks on Closed LLMs Work
Model extraction attacks let adversaries reconstruct proprietary LLMs by querying their APIs at scale. We examine the mechanics, cost-of-extraction
-
LLM Supply Chain Poisoning: Training Data Attacks and Backdoors
Training data poisoning and model supply chain attacks are among the hardest AI threats to detect. This post explains how they work, what public research
-
Tool Review: LLM Guard for Input/Output Filtering
LLM Guard is an open-source input/output filtering library for LLM applications. We review what it detects, how it deploys, its real limitations, and when
-
How System Prompt Leaks Happen: Techniques and Defenses
Prompt injection attacks that expose system prompts are one of the most common real-world LLM exploits. This post covers the mechanics of system prompt
-
Jailbreaking vs Prompt Injection: Not the Same Attack
Security practitioners conflate jailbreaking and prompt injection constantly. They are distinct attack classes with different threat actors, different
-
MetInfo CMS CVE-2026-29014 Exploited in the Wild for RCE
A critical unauthenticated PHP code injection flaw in MetInfo CMS 7.9–8.1 (CVSS 9.8) is under active exploitation. Patch to the April 7 release immediately.
-
Germany Names UNKN: What the BKA's REvil and GandCrab Dox Buys
Germany's BKA has put a name and a face to UNKN, the operator behind GandCrab and REvil. Russia will not extradite, but the wanted notice is doing other
-
What Is Adversarial ML? A Practitioner's Primer
A practitioner-focused introduction to adversarial machine learning: evasion, poisoning, and inference attacks, why they matter in production, key papers
-
CISA Adds Exploited Linux Kernel LPE CVE-2026-31431 to KEV
A local privilege escalation flaw in the Linux kernel's AEAD crypto interface has been added to CISA's KEV catalog after active exploitation.
-
CVE-2026-7669: Deserialization Flaw in SGLang's Tokenizer Loader
A medium-severity deserialization bug in SGLang's get_tokenizer routine affects all releases up to 0.5.9. The vendor has not responded to the disclosure