llm-security
Safeguard articles tagged "llm-security" — guides, analysis, and best practices for software supply chain and application security.
108 articles
Explaining prompt injection attacks and why they're hard ...
Prompt injection attacks trick AI models into obeying attacker instructions hidden in data or user input, and there's still no complete fix.
How indirect prompt injection hides malicious instruction...
How attackers hide malicious instructions inside webpages, documents, and retrieved content to hijack AI systems — and why RAG pipelines are especially exposed.
Comparing LLM firewall and guardrail products for enterpr...
A vendor-by-vendor comparison of LLM firewall and AI guardrail platform options for enterprise deployment, with real strengths and limitations for each.
How RAG poisoning attacks manipulate retrieval-augmented ...
RAG poisoning attacks corrupt the external knowledge base an LLM retrieves from, turning trusted documents into vectors for misinformation and data leaks.
How to build an AI-specific incident response playbook
A step-by-step guide to building an AI incident response plan — covering scoping, escalation, detection, containment, and post-incident review for LLM and agent failures.
Prompt Injection Detection in Retrieval Systems
Indirect prompt injection arrives through your retrieval corpus, not your chat box. We cover the detection strategies that survive when attackers write your RAG content.
Prompt injection vulnerabilities in LLM applications explained
Prompt injection is OWASP's #1 LLM risk. See real CVEs like Vanna.AI's RCE flaw and how to detect and stop it.
Rogue AI Agents: When Autonomous Systems Act Outside Inte...
Autonomous AI agents are gaining real access to production systems — and real incidents, from deleted databases to fabricated refunds, show what happens when they act outside intended boundaries.
Cascading Failures in Multi-Agent AI Architectures
One compromised agent can poison an entire pipeline in seconds. Heres how cascading failures spread through multi-agent AI systems, and how to contain them.
Uncontrolled Recursion in AI Agent Loops
AI agents can call themselves into runaway loops, burning thousands of dollars and crashing services. Here's why it happens and how to stop it.
Agentic Unexpected Code Execution Vulnerabilities
How AI agents with code-execution tools get hijacked by prompt injection—from the Vanna.ai RCE (CVE-2024-5565) to LangChain and MCP—and what to do about it.
Agentic AI Supply Chain Vulnerabilities
Agentic AI systems trust tools and models at runtime, not build time. Real 2024-2025 incidents show how MCP servers and AI packages become supply chain attack vectors.