Safeguard
Tag

ai-security

Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.

532 articles

AI Security

Code injection risks in GenAI-generated code

Nearly 40% of GitHub Copilot's suggested programs contain exploitable vulnerabilities, and 19.7% of AI-generated code samples reference packages that don't exist.

Jul 8, 20267 min read
Container Security

Securing Containerized AI Workloads: Base Images, GPU Drivers, and Runtime Policy

A CVSS 9.0 flaw in NVIDIA's Container Toolkit let any GPU container escape to the host — and its first patch didn't fully close it. Here's how to defend AI infrastructure.

Jul 8, 20265 min read
AI Security

Why AI-generated code needs DAST, not just SAST

Copilot-generated code carried vulnerabilities in ~40% of cases in a 2021 NYU study. Static scanning alone cannot catch the runtime-only bug classes LLMs introduce.

Jul 8, 20266 min read
AI Security

Detecting AI Hallucinations in Generated Code

A USENIX Security 2025 study found 19.7% of packages recommended by 16 LLMs across 576,000 code samples don't exist — and attackers are registering them first.

Jul 8, 20266 min read
AI Security

Guardrails for Autonomous AI Agents: Allowlisting, Validation, and Human-in-the-Loop

OWASP's 2025 LLM Top 10 splits Excessive Agency into three root causes. Here's how tool allowlisting, output validation, and approval gates address each one.

Jul 8, 20266 min read
AI Security

Why static scanners miss malicious AI agent skills

In April 2025, Invariant Labs showed a malicious MCP tool description could exfiltrate an SSH key — with zero suspicious code for a static scanner to flag.

Jul 8, 20266 min read
AI Security

LLM-assisted vulnerability autofixing: approaches and how to validate the patches

At DARPA's AIxCC finals in August 2025, AI systems patched 68% of vulnerabilities they found — up from 25% at semifinals. Here's how the approaches differ and why validation still matters most.

Jul 8, 20267 min read
AI Security

Mapping the blast radius of a vulnerable AI infrastructure dependency

One Ray dashboard flaw let attackers hit hundreds of exposed AI servers. SBOM plus call-graph data is how you find every service that shares the exposure.

Jul 8, 20266 min read
AI Security

OWASP Top 10 for LLM Applications: A Practical Walkthrough

OWASP's 2025 LLM Top 10 added three new categories in one revision — here's what changed, why, and concrete mitigation patterns for each risk.

Jul 8, 20267 min read
AI Security

Prompt injection in AI coding assistant system prompts

Copilot, Cursor, and Windsurf all read untrusted repo text into the same channel as trusted instructions — three 2025 CVEs show what happens next.

Jul 8, 20266 min read
AI Security

Prompt injection via AI agent CI/CD workflow tampering

A single malicious PR title was enough to make three major AI coding agents leak API keys straight out of a GitHub Actions runner.

Jul 8, 20266 min read
AI Security

The Hidden Risks of AI Coding Assistants

A 2021 NYU study found 40% of Copilot-generated code contained exploitable bugs — and that's before counting leaked secrets or hallucinated packages.

Jul 8, 20266 min read
ai-security (Page 4) — Safeguard Blog