llm-security
Safeguard articles tagged "llm-security" — guides, analysis, and best practices for software supply chain and application security.
108 articles
Agent Goal Hijacking: Redirecting Autonomous AI Objectives
Attackers are hijacking autonomous AI agents by planting instructions in content they read—no exploit needed. Here's how it works, real 2025 incidents, and defenses.
LLM Unbounded Consumption: Resource Exhaustion Attacks
How attackers exploit token-based pricing and growing context windows to exhaust LLM compute and inflate cloud bills — and the concrete limits that stop them.
LLM Vector and Embedding Weaknesses
Embeddings aren't anonymized math — Vec2Text recovers 92% of text from vectors, and OWASP's LLM08:2025 now names inversion, poisoning, and exposed vector DBs as core AI risks.
LLM System Prompt Leakage
System prompts often hide business logic and secrets. Here's how attackers extract them, real 2023-2024 incidents, and how to stop leaks before they reach production.
Model Theft: Protecting Proprietary LLMs from Extraction ...
A $20 API attack can clone a production LLM's embeddings. Here's how model extraction works, real incidents from LLaMA to DeepSeek, and how to protect proprietary models.
Training Data Poisoning Attacks on Machine Learning Models
A $60 domain purchase or 0.001% of training tokens can silently corrupt an ML model. Here's how training data poisoning attacks work and how to defend against them.
Sensitive Information Disclosure in LLM Applications
From Samsung's ChatGPT leak to RAG pipelines with no access controls, sensitive information disclosure is now a top LLM security risk. Here's how it happens and how to stop it.
Insecure Output Handling in LLM-Integrated Applications
LLM output that reaches a browser, database, or shell unvalidated can trigger XSS, SQL injection, or RCE. Here's how insecure output handling breaks AI apps.
Overreliance on LLM Outputs: A Security Perspective
LLMs hallucinate packages, vulnerability verdicts, and compliance summaries with total confidence. Here's where overreliance on AI outputs creates real security risk—and how to close the gap.
LLM Denial of Service Attack Techniques
LLM denial of service attacks exploit sponge prompts, unbounded generation, and denial-of-wallet loops to cripple AI systems without a single exploit.
Excessive Agency in LLM-Powered Applications
Excessive agency turns a bad LLM output into an executed action. From Replit's July 2025 database deletion to Air Canada's chatbot ruling, here's what it is and how to scope it down.
Prompt Injection Attack Techniques and Defenses
Prompt injection is now OWASP's #1 LLM risk, and real incidents like EchoLeak and Slack AI prove it can mean zero-click data exfiltration. Here's how it works and what stops it.