Safeguard
Tag

ai-security

Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.

532 articles

AI Security

Data poisoning attacks against LLMs

A $60 domain purchase or 250 documents can backdoor an LLM. Here's how data poisoning attacks work, real cases, and how to defend against them.

Jun 8, 20267 min read
AI Security

Securing RAG pipelines against injection attacks

RAG pipelines feed untrusted retrieved content straight into model context. Real breaches like EchoLeak show what happens when nothing checks it.

Jun 8, 20267 min read
AI Security

Type-level security: the future of secure AI code generation

45% of AI-generated code fails basic security tests. Here's why type systems catch what code review misses, and how to enforce type-level security on AI-authored diffs.

Jun 8, 20268 min read
Vulnerability Analysis

NVD in the AI era: multi-source vulnerability intelligence

NVD's 2024 enrichment backlog exposed the risk of a single vulnerability feed. Here's how multi-source data and AI triage close the gap.

Jun 7, 20266 min read
AI Security

Snyk VulnBench: benchmarking LLMs on repeat vulnerability discovery

Snyk's VulnBench JS 1.0 ran 300 repeated LLM scans and found half of non-reference findings vanish on rerun—raising the bar for AI security tooling.

Jun 7, 20267 min read
AI Security

Protestware via prompt injection: the jqwik 1.10.0 case

jqwik 1.10.0 hid a prompt injection telling AI coding agents to delete tests. Here's how it worked, why it's protestware, and how to catch it.

Jun 7, 20267 min read
AI Security

AI Is Forcing a New Open Source Security Model

AI coding agents now choose dependencies — and attackers are exploiting hallucinated packages and MCP backdoors that legacy SCA tools like Sonatype's were never built to catch.

Jun 7, 20267 min read
AI Security

Governments banning AI models: security implications for teams

Governments banned DeepSeek and other AI models in 2025 within days. Here's the security supply-chain risk teams face and how to find and fix it fast.

Jun 7, 20266 min read
AI Security

Building trust in AI-assisted software development

AI writes 30-50% of new code at many shops now, and 45% of it ships with security flaws. Here's how to build real trust in that pipeline.

Jun 6, 20266 min read
AI Security

Vulnerability Prioritization in the AI Era

CVSS scores can't keep pace with AI-generated code and 40,000+ annual CVEs. Here's why Sonatype's component-level model falls short and what real prioritization requires.

Jun 6, 20268 min read
AI Security

Cursor's AI security agents: what they get right and what's missing

Cursor's Bugbot and MCP agents catch real bugs, but CurXecute and MCPoison show they open new attack surfaces SCA tools never had to face.

Jun 6, 20266 min read
AI Security

Claude Code and Claude Desktop security integrations

Claude Code's shell access and MCP's connector boom are reshaping software supply chain risk. Here's what security teams need to know and do.

Jun 6, 20267 min read
ai-security (Page 10) — Safeguard Blog