Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

676 articles

AI Security

The Cursor extension that cost a developer $500,000

A fake Solidity extension on Open VSX was downloaded 50,000+ times, dropped an infostealer, and drained $500K in crypto — how the marketplace trust model failed.

Jul 16, 20266 min read
AI Security

When the Scanner Is the Backdoor: The LiteLLM Trivy Attack

On March 19, 2026, TeamPCP hijacked Trivy's GitHub Action to steal LiteLLM's PyPI token, then shipped a backdoored release, CVE-2026-33634, CVSS 9.4.

Jul 16, 20266 min read
AI Security

The Nx Attack Turned AI Coding Agents Into the Malware

In August 2025, attackers hijacked Nx's npm publish token and used Claude Code, Gemini CLI, and Amazon Q as the exfiltration engine — leaking 2,349 secrets.

Jul 16, 20266 min read
AI Security

The postmark-mcp Backdoor: What MCP Server Vetting Should Look Like

A trojanized MCP server BCC'd every email it sent to an attacker for weeks, downloaded 1,643 times, before anyone noticed. Here's the pattern and the fix.

Jul 16, 20267 min read
AI Security

Can AI-Generated Code Be Trusted? A Security Review

A 2025 USENIX study found LLMs hallucinate nonexistent packages in up to 21.7% of code samples — and attackers are already registering the names.

Jul 13, 20267 min read
AI Security

Least-privilege scoping for AI agents with write access to code, CI, and cloud

OWASP's 2025 LLM Top 10 names Excessive Agency a top risk; a single over-scoped CI token already dumped secrets from 23,000+ repos in 2025.

Jul 10, 20268 min read
AI Security

AI Code Generation: An Evaluation Framework for Gating Output Before Merge

NYU researchers found security weaknesses in ~40% of Copilot-generated programs. Here's how to gate AI code before it ever reaches main.

Jul 10, 20267 min read
AI Security

Practical DLP controls for generative AI tools

Samsung engineers leaked chip source code into ChatGPT three times in 20 days. Here's how to build DLP controls that stop the next leak before it happens.

Jul 10, 20267 min read
AI Security

The OWASP Top 10 for LLM Applications, Explained With Real Examples

OWASP's LLM security list has grown from a 2023 side project into a 600+ expert initiative. Here's what each of the ten risks actually looks like in production.

Jul 10, 20268 min read
AI Security

The Security Chores Agents Should Handle Themselves

Enabling 2FA, rotating a password, revoking a stale session, minting a scoped key — the account-hygiene tasks everyone postpones. When an agent can do them through MCP, 'later' becomes 'now.'

Jul 9, 20264 min read
AI Security

Region-Blind Pricing Breaks the Moment an Agent Checks Out

Your pricing is localized by country — but an AI agent rarely holds a clean country code. If your checkout can't resolve region from the messy signals an agent actually has, it quotes the wrong price or none at all.

Jul 9, 20264 min read
AI Security

Death by a Thousand Tools: Governing an MCP Server at Scale

A 900-tool MCP server is powerful and terrifying in equal measure. The answer isn't fewer tools — it's per-tenant governance, where each capability is off until an admin turns it on.

Jul 9, 20264 min read
AI Security — Supply Chain Security Blog | Safeguard