AI Security Blog

You'll find useful content about AI security, the cybersecurity landscape, news, events and much more updated regularly here.

Ghosts in the Machine: ASCII Smuggling across Various LLMs

Ghosts in the Machine: ASCII Smuggling across Various LLMs

Researcher Viktor Markopoulos discovers ASCII Smuggling bypasses human audit via Unicode, enabling enterprise identity spoofing and data poisoning on Gemini & Grok.

Latest articles

All
OWASP LLM TOP 10
All
AI Security
All
Product
All
A View from the C-Suite
All
Fintech
All
cloud security
All
AI
All
Awards
All
API economy
All
podcast
All
WAF
All
Events
All
Cybersecurity
All
Cyber landscape
All
Company
All
API security
Life 360 Phone Number Leak
July 19, 2024

Life 360 Phone Number Leak

Location-sharing services, like much of the modern internet, are powered by APIs. Because these APIs handle personally identifiable information such as addresses, phone numbers and more, breaches in these apps can lead to serious safety issues for users everywhere.

Read more
Apache Hugegraph Under Attack
July 19, 2024

Apache Hugegraph Under Attack

With new API threats popping up every day, no one is safe from vulnerability. This is especially dangerous when it comes to large, widely used servers such as Apache HugeGraph.

Read more
Apple Leaks Location Data
July 11, 2024

Apple Leaks Location Data

Some companies position privacy as a key value proposition of their products and services. But that may not always be as true as advertised.

Read more
Cuckoo for CocoaPods
July 10, 2024

Cuckoo for CocoaPods

A researcher at EvaSec recently discovered a vulnerability in the CocoaPods ecosystem that could potentially affect an undetermined (but huge) number of web users.

Read more
MFA Breached via Unauthenticated APIs
July 8, 2024

MFA Breached via Unauthenticated APIs

What happens when the system designed to authenticate you to your online accounts is vulnerable itself? Threat actors recently verified phone numbers for millions of Authy users via an unsecured API endpoint.

Read more
New Cryptomining Campaigns Use Exposed Docker APIs
July 1, 2024

New Cryptomining Campaigns Use Exposed Docker APIs

A new type of API attack has been discovered- and it’s particularly pernicious. The target? Exposed Docker APIs. The objective? Spreading cryptojacking malware.

Read more

Subscribe to receive articles directly in your inbox

If you prefer to be notified of new posts via email, simply subscribe to our blog below.