AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
AI SBOMs and Model Cards: Building Transparency Into the AI Supply Chain
As AI models become critical software components, the need for AI-specific SBOMs and model cards grows urgent. How the industry is extending supply chain transparency to machine learning pipelines.
PyTorch CVE-2025-32434: weights_only=True No Longer Safe
A critical PyTorch RCE bypassed the safety property of torch.load(weights_only=True). We analyze the bug and explain why safetensors should now be the default.
OpenSSF Model Signing v1.0: Sigstore for ML
OpenSSF launched Model Signing v1.0 in April 2025 with Sigstore integration. NVIDIA NGC adopted it the same month. We explain what it signs, how to verify, and where the gaps are.
Line Jumping: How MCP Tool Descriptions Attack Before Tools Are Called
Trail of Bits coined 'line jumping' for prompt injection delivered through MCP tool descriptions on connection. It bypasses every tool-invocation guardrail by design.
OpenAI Preparedness Framework v2: April 2025 Update
OpenAI released Preparedness Framework v2 on April 15, 2025 with sharper thresholds, an AI self-improvement category, and clearer disclosure requirements. We unpack the operational changes.
Llama 4 Release and LlamaFirewall: A Defender's Guide
Meta shipped Llama 4 Scout and Maverick on April 5, 2025, along with Llama Guard 4, LlamaFirewall, and CyberSecEval 4. We unpack what defenders should deploy and what to ignore.
MCP Server Authentication and Authorization: Securing the AI Tool Layer
The Model Context Protocol enables AI agents to interact with external tools and data sources. Securing MCP servers requires authentication, authorization, and input validation patterns specific to the AI agent context.
AI Agent Tool Calling Security: Risks and Mitigations
AI agents that call tools -- APIs, databases, file systems, code interpreters -- convert non-deterministic LLM output into real-world actions. Securing this boundary is the defining challenge of agentic AI.
AI Agent Frameworks: A Security Assessment of the New Autonomous Frontier
AI agents that can execute code, browse the web, and manage infrastructure are proliferating. The security implications of these autonomous frameworks demand scrutiny.
LLM-Augmented Bug Discovery Methodology
A practitioner's methodology for using LLMs to augment — not replace — traditional bug discovery workflows, with patterns that hold up under real review load.
MCP Protocol Security: What the Model Context Protocol Means for Supply Chains
Anthropic's Model Context Protocol standardizes how AI models interact with external tools. The security implications for software supply chains are significant.
nullifAI: Broken Pickles and the Hugging Face Detection Gap
ReversingLabs disclosed two malicious Hugging Face models that evaded Picklescan by using broken 7z-packed PyTorch archives. We unpack the technique.