🚀 The OWASP Top 10 for LLM Applications – 2026 Update Has Officially Kicked Off.
If you build, secure, assess, or operate LLM-powered systems, your experience matters.
The survey will be open for ONE WEEK ONLY.
👉 Take the Survey: https://docs.google.com/forms/d/e/1FAIpQLSfqC8Khv3BOM_ttxZfWX7E4vmp8nKndOdaZUfjq4QMZyOqUrg/viewform
#OWASP #GenAI #AISecurity #LLMSecurity #Top10 #GenAISecurity #AppSec #DevSecOps #GenAISecurityProject
I Hacked A Website With ONE Command
LLMs Generate Predictable Passwords - Schneier on Security
https://www.schneier.com/blog/archives/2026/02/llms-generate-predictable-passwords.html
AI-security развивается, но единого стандарта пока нет: как бизнесу защищать ML-модели и AI-агентов
Привет! Меня зовут Борис Мацаков, я Data Science инженер
https://habr.com/ru/companies/cloud_ru/articles/1003844/
#aisecurity #devsecops #aiагенты #mlмодели #безопасность #prompt_injection #джейлбрейк
AI isn’t just changing how we code—it’s rewriting the rules of application security. See what BSIMM16 reveals about AI’s impact on AppSec priorities. https://jpmellojr.blogspot.com/2026/02/bsimm16-confirms-it-ai-redefines-appsec.html #AppSec #AISecurity #BSIMM16 #DevSecOps #BlackDuck
Nearly two-thirds of companies have lost track of their data just as they’re letting AI in | Fortune https://fortune.com/2026/02/25/thales-sp-survey-cyber-risk-ai-agents-wandering-free-data-not-secure-two-thirds-companies/ #cybersecurity #AISecurity #DataSecurity #DataGovernance
Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary]
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852 - Check Point Research
OpenAI report reveals Chinese influence campaign exposed through ChatGPT use
Podcast: Ring Is Just Getting Started
https://www.404media.co/podcast-ring-is-just-getting-started/
We're thrilled to announce the launch of our completely redesigned VULNEX website.
This isn't just a visual refresh — it reflects the evolution of our services. Alongside our established Penetration Testing, Red Team, and Application Security offerings, we've expanded into AI Security with dedicated services including AI application penetration testing, AI model red teaming, vibe coding security audits, and AI agent security assessments.
We also continue to develop innovative tools for the security community: PromptPit (AI model comparison platform), Bytes Revealer (hex & binary analysis), and USecVisLib (security visualization library).
With 14+ years of experience, 60+ conference talks worldwide, and DARPA-funded research behind us, we remain committed to advancing both offensive and defensive cybersecurity.
Take a look: www.vulnex.com
#Cybersecurity #InfoSec #AISecurity #PenetrationTesting #RedTeam #ApplicationSecurity #VULNEX
CrowdStrike’s 2026 Global Threat Report pegs 2025 as the “year of the evasive adversary”: faster AI‑driven intrusions, 82% malware‑free attacks, edge and SaaS abuse, record crypto theft, and cross‑domain ransomware. 🔗 https://zurl.co/dQTat #cybersecurity #AIsecurity
MITRE ATLAS documente plusieurs incidents majeurs autour d’OpenClaw, un agent IA autonome open-source : interfaces exposées, skills malveillants en supply chain, RCE one-click (CVE-2026-25253) et C2 via prompt injection indirecte. Un agent avec accès shell, filesystem et réseau crée une surface d’attaque complexe. Isolation stricte et gouvernance des secrets indispensables.
⚡️https://linkeaz.net/fr/posts/openclaw-ai-agent-attack-surface
#IA #aisecurity #agenticAI #infosec #supplychain #cybersecurity #news #tech
6a8 CRITICAL RCE: CVE-2026-27597 in agentfront enclave (<2.11.1) allows sandbox escape via code injection (CWE-94). Unauthenticated remote attackers can fully compromise AI workloads. Patch to 2.11.1+ ASAP. https://radar.offseq.com/threat/cve-2026-27597-cwe-94-improper-control-of-generati-c298fcde #OffSeq #CVE202627597 #AIsecurity #infosec
Punjab launches high-tech PIFTAC to revolutionize provincial security system
'Technology can't just solve everything.' UConn's AI symposium found the biases in chat agents to be foundational. Knowing the biases can change how you deploy ... https://bryl.us/9eac #AIliteracy #AIsecurity
⚠️ DeepSeek and Claude abused for malicious tasks Researchers show DeepSeek and Claude AI can be manipulated to generate phishing lures, malware code, and exploit guidance despite safeguards, underscoring ongoing challenges in LLM misuse prevention and guardrail enforcement. #ransomNews #AIsecurity
Wenn KI-Assistenten Zugriff auf vertrauliche Daten haben, fremde Inhalte verarbeiten und selbst nach außen kommunizieren, entsteht ein „tödlicher Dreiklang“. Angreifer können die KI missbrauchen und Daten erbeuten.
🔒 Zum Schutz: Systeme so gestalten, dass mindestens ein Punkt ausgeschlossen ist.
👉 Mehr dazu im Beitrag oder in der BSI-ANSSI-Publikation: https://www.bsi.bund.de/dok/1158846
#KI #Cybersecurity #BSI #AIsecurity #LethalTrifeca
EVMbench: AI agents for smart contract vulnerability detection and patching.
https://techlife.blog/posts/introducing-evmbench/
#AISecurity #SmartContracts #BlockchainSecurity #AIEthics #CyberSecurity
