973 MCP Packages, 71% Single-Maintainer: A Practitioner's Guide to AI Developer Security

At a Glance AI security tooling adoption lags behind AI coding tool adoption by an order of magnitude. Download ratios: 10:1 on PyPI, 28:1 on npm. AI-generated code ships vulnerable at baseline. 45% failure ...
Access Controls Validate Identity. They Cannot Validate Intent. With AI Agents, That Distinction Is Now Critical

Access controls can confirm who or what is allowed to act. They cannot always tell whether the action makes sense. That gap becomes dangerous with AI agents, which can call tools, trigger ...
Security Boulevard
AI Agents Need Guardrails Before They Touch Real Accounts

Guarding AI Agents: Boundaries and Safeguards

AI agents are useful, but they become risky when they can take action in real systems. In this episode, Tom Eston discusses recent reporting about attackers tricking Meta’s AI support chatbot into ...
When the Frontier Blinks: What the Mythos and Fable Controversy Reveals About AI Security

When Anthropic abruptly pulled Mythos 5 and Fable 5 from circulation, the move sent a jolt through the AI and cybersecurity communities. These were not minor point releases. They were widely regarded ...
The Half of Agent Security You’re Not Governing

The governance of AI agents faces a fundamental asymmetry: while MCP servers provide structured logs, the "Skills" that drive agent reasoning remain forensic black holes. As high-risk capabilities—such as arbitrary code execution ...
When AI Billing Breaks Trust: What the Claude Code Backlash Says About AI Governance

When AI Billing Breaks Trust: Lessons from the Claude Code Backlash

AI adoption is accelerating, but trust is still fragile ...

Capsule Security Emerges From Stealth to Secure AI Agents at Runtime

Capsule Security emerges from stealth with a $7M seed round to launch a runtime security platform for AI agents. Featuring the open-source ClawGuard, the platform enforces governance and mitigates prompt injection risks ...

Bypassing LLM Supervisor Agents Through Indirect Prompt Injection

Indirect prompt injection lets attackers bypass LLM supervisor agents by hiding malicious instructions in profile fields and contextual data. Learn how this attack works and how to defend against it. The post ...

The Arms Race is Already Over. You Just Don’t Know Which Side Won.

Anthropic’s Claude 4.6 found 500+ zero-days, but the real story is economic. As AI secures code, attackers are shifting to the "Trust Layer"—AI-driven social engineering and identity deception ...

Which Came First: The System Prompt, or the RCE?

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude (Opus 4.5) and a third-party asset management platform. The idea is simple: instead ...