
AI & LLM security

Security of AI systems: agent and large-language-model vulnerabilities, prompt injection, model supply chain, and Model Context Protocol (MCP) tooling.

Security news

Your AI agent trusts your own computer. One web page turns that into a takeover.

Microsoft's AutoJack shows how one web page an AI browsing agent visits can run code on the host. The bug is a near miss. The architecture lesson is not.

Security news

vLLM's earlier patch only hid this AI-server bug. Re-enable embeddings and you are still exposed

CVE-2026-56340 lets a crafted tensor crash vLLM (CVSS 8.8) with a path to memory corruption. It only bites if you re-enabled prompt embeds. Fix is 0.13.0.

Security news

One tracing header can make a LangSmith server hand over its files

LangSmith SDK before 0.8.18 lets a crafted tracing header read arbitrary files off any server running TracingMiddleware. Upgrade now; it is the second such bug.

Security news

The app you're testing can hijack the AI agent testing it: Appium MCP's XSS flaw

An XSS flaw in Appium's official MCP server let a hostile test app hijack the AI agent driving it and call its tools. Patch appium-mcp to 1.85.10 now.

Security news

A single rigged document can turn Langflow's file reader into full server takeover

A crafted document in a Langflow RAG pipeline (CVE-2026-55447, CVSS 9.6) reads any file, forges a login token, then runs code. Upgrade to 1.9.2 or later.

Security news

One Langflow account can now run every other user's AI workflow

A critical IDOR in Langflow (CVE-2026-55255, CVSS 9.9) lets any logged-in user run another user's AI flow. Upgrade to 1.9.1. The real problem is the pattern.

Security news

Mastra's npm packages passed inspection, then turned hostile a day later

Attackers hijacked a dormant maintainer account to poison 140+ Mastra npm packages with a wallet-stealing payload. Here is who is exposed and what to rotate.

Security news

SearchLeak in Microsoft 365 Copilot: prompt injection as a new door to old bugs

SearchLeak chained prompt injection, an HTML render race, and Bing SSRF to steal Microsoft 365 Copilot data in one click. What it means for detection.
