AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
Rogue AI Agents: When Autonomous Systems Act Outside Inte...
Autonomous AI agents are gaining real access to production systems — and real incidents, from deleted databases to fabricated refunds, show what happens when they act outside intended boundaries.
Human-Agent Trust Exploitation in AI Systems
Attackers are exploiting the trust between humans and AI agents — hidden prompt injections, hallucinated packages, and over-trusted autonomy are now supply chain risks.
Cascading Failures in Multi-Agent AI Architectures
One compromised agent can poison an entire pipeline in seconds. Heres how cascading failures spread through multi-agent AI systems, and how to contain them.
Insecure Inter-Agent Communication in Multi-Agent Systems
Multi-agent AI pipelines pass untrusted content between agents with no authentication or integrity checks. Here's how insecure inter-agent communication opens the door to injection attacks.
Uncontrolled Recursion in AI Agent Loops
AI agents can call themselves into runaway loops, burning thousands of dollars and crashing services. Here's why it happens and how to stop it.
Memory and Context Poisoning Attacks Against AI Agents
How attackers poisoned ChatGPT's memory and RAG pipelines to hijack AI agents long-term, and the controls Safeguard uses to catch it before it spreads.
Agentic Unexpected Code Execution Vulnerabilities
How AI agents with code-execution tools get hijacked by prompt injection—from the Vanna.ai RCE (CVE-2024-5565) to LangChain and MCP—and what to do about it.
Agentic AI Supply Chain Vulnerabilities
Agentic AI systems trust tools and models at runtime, not build time. Real 2024-2025 incidents show how MCP servers and AI packages become supply chain attack vectors.
Agentic Identity and Privilege Abuse
AI agents now inherit more privilege than they need — and incidents like the Microsoft 38TB SAS-token leak and ServiceNow's Now Assist flaw show what happens when that privilege gets abused.
Agent Tool Misuse and Exploitation
Attackers don't need to hack AI agents — they just redirect their own tools. Here's how tool misuse works, real 2025 incidents, and how to stop it.
Agent Goal Hijacking: Redirecting Autonomous AI Objectives
Attackers are hijacking autonomous AI agents by planting instructions in content they read—no exploit needed. Here's how it works, real 2025 incidents, and defenses.
LLM Misinformation: Security Risks of Hallucinated Outputs
LLM hallucinations aren't just AI trivia — they invent packages attackers squat on, fake CVEs, and false advisories that have already cost real companies real money.