Over the last few years, I’ve found myself coming back to the same question when thinking about AI systems: what actually makes them dangerous in practice? I was specifically interested in environments with real infrastructure, real incentives, and real failure modes as it pertains to practical AI security leaders
Large Language Models introduce security issues reminiscent of early-2000s software bugs. Special Token Injection (STI) exploits how LLMs parse structured prompts. This post breaks down what STI is, how it works, where it appears, and why it matters—through a pentester’s lens.
AI Red Teaming should differentiate between security and safety to effectively address the unique challenges posed by AI systems, ultimately ensuring that they are secure by design and safe to use.
Side-channel attacks are a method of extracting information from systems by observing their physical implementation rather than attacking the theoretical weaknesses in algorithms. These attacks focus on the unintended information leakage that occurs during a system's operation. This guide covers web side-channel attacks—timing signals, response-size leaks, and
Over the last few years, I’ve found myself coming back to the same question when thinking about AI systems: what actually makes them dangerous in practice? I was specifically interested in environments with real infrastructure, real incentives, and real failure modes as it pertains to practical AI security leaders
What are LLM API Misconfigurations and why do they happen? Large Language Model (LLM) APIs like Responses, Completions, Messages provide flexible interfaces for building multi-turn conversations, tool integrations, and agent pipelines. These APIs accept structured input such as messages[], roles, function calls, and other model-relevant parameters, and return structured outputs
Large Language Models introduce security issues reminiscent of early-2000s software bugs. Special Token Injection (STI) exploits how LLMs parse structured prompts. This post breaks down what STI is, how it works, where it appears, and why it matters—through a pentester’s lens.
OAuth 2.0 has become the cornerstone of modern authorization, powering secure API access for countless applications. Yet not every OAuth flow fits every scenario. While some flows are designed for backend, server-to-server communications, others are intended for public clients. In this piece, we explore why using the OAuth client
This blog details how attackers exploit Unconstrained Delegation in Active Directory to achieve domain takeover. You'll see a step-by-step breakdown of capturing a Domain Controller's TGT, why it's critical, and, of course, learn actionable steps to prevent this threat. Unconstrained delegation is a legacy
Insecure handling of OpenAI's ChatML JSON schemas can allow attackers to inject their own system roles into the messages array. This silently overrides developer-supplied instructions, coercing the model into unintended behaviors. Attackers can also abuse the system role to call hidden or unauthorized tools or functions that the
When reset tokens rely on predictable data, such as hashing a simple timestamp with MD5, they can lead to account takeovers. Read on if you want to protect your application’s password recovery functionality without compromising user convenience. Modern web applications almost always feature some form of password recovery or
Information stored in sourcemap files can lead to major security breaches. If you’re looking to keep your production environment safe without sacrificing the benefits of modern build pipelines, read on.
This guide covers the ESC8 Attack, a high-severity attack vector in Active Directory Certificate Services (AD CS) that exploits the Web Enrollment feature alongside NTLM relay attacks.
While Red Team exercises are invaluable for mirroring adversary behavior, they can be time-consuming and expensive. This panel will fix it.
AI Red Teaming should differentiate between security and safety to effectively address the unique challenges posed by AI systems, ultimately ensuring that they are secure by design and safe to use.