prompt-injection
Safeguard articles tagged "prompt-injection" — guides, analysis, and best practices for software supply chain and application security.
127 articles
Black Hat Arsenal 2026 Preview: The Agentic AI and Supply-Chain Tools to Watch
Black Hat USA 2026 runs August 1–6 at Mandalay Bay, with Arsenal August 4–6. Here is an honest preview of the open-source tool categories worth your time — and how to tell signal from demo-day hype.
DEF CON 34 Preview: Agentic AI Security Takes Center Stage at Hacker Summer Camp
DEF CON 34 lands in Las Vegas August 6-9, 2026 under the theme 'Agency' — a deliberate nod to agentic AI. Here is what to watch, why it matters, and how to prepare before you board the plane.
OWASP Top 10 for LLM Applications explained
A breakdown of the 2025 OWASP Top 10 for LLM Applications—prompt injection, supply chain, excessive agency—with real examples and fixes.
Prompt injection attacks: direct vs indirect
Direct prompt injection comes from the chat box; indirect injection hides in the data your AI agent trusts. Here's how the two attack types differ and what stops each.
Agent hijacking: the real-world impact of prompt injection
From a zero-click Microsoft 365 Copilot breach to poisoned MCP servers, AI agent hijacking is now a real, documented software supply chain threat.
mcp-scan: detecting malicious MCP tool definitions
MCP lets AI agents call tools via plain-text descriptions the model trusts blindly. Here's how mcp-scan catches poisoning, rug-pulls, and shadowing.
Best LLM Security Tools in 2026: Guardrails, Red Teaming, and Runtime Defense Compared
An honest guide to the best LLM security tools in 2026 — from open-source guardrails and red-teaming scanners like NeMo Guardrails, garak, and LLM Guard to runtime APIs and full AI security platforms — with clear guidance on which job each one actually does.
5 best practices for adopting GitHub Copilot securely
GitHub Copilot has 1.3M+ paid seats. Five concrete, evidence-based practices for locking down content exclusion, licensing, code quality, and prompt injection risk.
Best AI Security Tools in 2026: Guardrails, Red Teaming, and Agentic AI Security Compared
An honest guide to the best AI security tools in 2026 — red-teaming and testing tools, runtime guardrails for prompt injection, agentic AI and MCP security, and the AI supply chain layer (AIBOM) — with a clear best-for line for each.
Security in AI Systems: What Actually Changes
Security in AI systems isn't a wholly new discipline, but prompt injection, training data provenance, and model supply chains introduce risks traditional AppSec tooling wasn't built to catch.
Agentic AI Security: Gartner Says Most AI-Agent Attacks Will Be Access-Control Failures
Gartner predicts that through 2029, more than half of successful attacks against AI agents will exploit access-control issues — with prompt injection as the delivery mechanism. Here's why that framing matters more than the headline number.
Securing RAG pipelines against injection attacks
RAG pipelines feed untrusted retrieved content straight into model context. Real breaches like EchoLeak show what happens when nothing checks it.