Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
NIST SP 800-218A turned the SSDF into an AI community profile in July 2024. Eighteen months later, what does real adoption look like for AI software teams?
An LLM agent with tools is a deputy that holds privileges its users do not. Attackers exploit that gap by tricking the agent into using those privileges on their behalf — here is how to design defenses that hold up.
A repository named Open-OSS/privacy-filter impersonated OpenAI's release, copied its model card verbatim, and shipped a loader.py that pulled an infostealer. It reached #1 trending with ~244,000 downloads before removal.
Cyera disclosed Bleeding Llama in May 2026: a heap out-of-bounds read in Ollama's GGUF loader leaking process memory. We dissect the bug and the exposure across 300,000 Ollama deployments.
MCP servers expose three distinct prompt-injection surfaces — resource contents, tool outputs, and sampling requests — and each one needs its own defense layer. Here is how to think about them together.
Tool-poisoning attacks against Model Context Protocol servers hide adversarial instructions inside tool descriptions and silently mutate tool definitions after install. Here is how the attack works and how to defend against it.
On May 5, 2026, NIST's CAISI signed pre-deployment evaluation agreements with Google DeepMind, Microsoft, and xAI, bringing five frontier labs into a government testing program covering cyber, bio, and chemical risk.
Tool-using agents have become a viable exfiltration channel. The patterns showing up in incident reports, and the controls that contain them.
A security-focused buyer comparison of AI coding assistants in 2026: code quality risk, data exfiltration controls, license exposure, and policy enforcement.
Weekly insights on software supply chain security, delivered to your inbox.