Safeguard
Tag

ai-security

Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.

532 articles

AI Security

LLM System Prompt Leakage

System prompts often hide business logic and secrets. Here's how attackers extract them, real 2023-2024 incidents, and how to stop leaks before they reach production.

Nov 15, 20257 min read
AI Security

Model Theft: Protecting Proprietary LLMs from Extraction ...

A $20 API attack can clone a production LLM's embeddings. Here's how model extraction works, real incidents from LLaMA to DeepSeek, and how to protect proprietary models.

Nov 14, 20257 min read
AI Security

LLM Supply Chain Vulnerabilities

Malicious model files, poisoned datasets, and compromised ML packages are the new software supply chain frontier. Here is how these LLM attacks actually work.

Nov 14, 20257 min read
AI Security

Training Data Poisoning Attacks on Machine Learning Models

A $60 domain purchase or 0.001% of training tokens can silently corrupt an ML model. Here's how training data poisoning attacks work and how to defend against them.

Nov 14, 20257 min read
AI Security

Sensitive Information Disclosure in LLM Applications

From Samsung's ChatGPT leak to RAG pipelines with no access controls, sensitive information disclosure is now a top LLM security risk. Here's how it happens and how to stop it.

Nov 14, 20258 min read
AI Security

Insecure Output Handling in LLM-Integrated Applications

LLM output that reaches a browser, database, or shell unvalidated can trigger XSS, SQL injection, or RCE. Here's how insecure output handling breaks AI apps.

Nov 13, 20258 min read
AI Security

Overreliance on LLM Outputs: A Security Perspective

LLMs hallucinate packages, vulnerability verdicts, and compliance summaries with total confidence. Here's where overreliance on AI outputs creates real security risk—and how to close the gap.

Nov 13, 20257 min read
AI Security

LLM Insecure Plugin Design Vulnerabilities

ChatGPT plugins, LangChain agents, and MCP servers have all shipped insecure plugin flaws exposing accounts and data. Here's how Safeguard defends against them.

Nov 13, 20258 min read
AI Security

LLM Denial of Service Attack Techniques

LLM denial of service attacks exploit sponge prompts, unbounded generation, and denial-of-wallet loops to cripple AI systems without a single exploit.

Nov 13, 20257 min read
AI Security

Prompt Injection Attack Techniques and Defenses

Prompt injection is now OWASP's #1 LLM risk, and real incidents like EchoLeak and Slack AI prove it can mean zero-click data exfiltration. Here's how it works and what stops it.

Nov 12, 20257 min read
Software Supply Chain Security

AI Bill of Materials (AI-BOM) for Model Supply Chains

An AI-BOM tracks every model, dataset, and dependency in your ML pipeline so a compromised base model or license issue can be traced in minutes, not weeks.

Nov 2, 20257 min read
AI Security

RAG Poisoning: Defenses That Work

Retrieval-augmented generation is the most common LLM deployment pattern in the enterprise and the most commonly poisoned. A senior security engineer's playbook for defences that hold up in production.

Oct 20, 20257 min read
ai-security (Page 40) — Safeguard Blog